AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 485 results — High severity, no patch
Severity CVE ID Summary CVSS EPSS Package Date
HIGH CVE-2026-42271 LiteLLM: RCE via MCP test endpoint command injection 8.8 0.0% litellm May 8 HIGH CVE-2026-42079 PPTAgent: eval injection enables RCE via LLM prompt injection 8.6 0.0% May 5 HIGH CVE-2026-6543 Langflow: RCE exposes API keys and DB credentials 8.8 0.0% langflow Apr 30 HIGH CVE-2026-4503 IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow... 7.5 0.1% Apr 30 HIGH E CVE-2026-41279 Flowise is a drag & drop user interface to build... 7.5 0.1% flowise Apr 23 HIGH E CVE-2026-41278 Flowise is a drag & drop user interface to build... 7.5 0.0% flowise Apr 23 HIGH E CVE-2026-41277 Flowise is a drag & drop user interface to build... 8.8 0.1% flowise Apr 23 HIGH E CVE-2026-41275 Flowise is a drag & drop user interface to build... 7.5 0.0% flowise Apr 23 HIGH E CVE-2026-41273 Flowise is a drag & drop user interface to build... 8.2 0.1% flowise Apr 23 HIGH E CVE-2026-41272 Flowise is a drag & drop user interface to build... 7.1 0.0% flowise Apr 23 HIGH E CVE-2026-41271 Flowise is a drag & drop user interface to build... 8.3 0.1% flowise Apr 23 HIGH E CVE-2026-41270 Flowise is a drag & drop user interface to build... 8.3 0.0% flowise Apr 23 HIGH E CVE-2026-41269 Flowise is a drag & drop user interface to build... 8.8 0.1% flowise Apr 23 HIGH E CVE-2026-41266 Flowise is a drag & drop user interface to build... 7.5 0.0% flowise Apr 23 HIGH E CVE-2026-41138 Flowise is a drag & drop user interface to build... 8.8 0.3% flowise Apr 23 HIGH E CVE-2026-41137 Flowise is a drag & drop user interface to build... 8.8 0.3% flowise Apr 23 HIGH GHSA-2r2p-4cgf-hv7h engram: HTTP server CORS wildcard +... Apr 22 HIGH CVE-2026-6859 A flaw was found in InstructLab. The... 8.8 0.1% Apr 22 HIGH GHSA-gqqj-85qm-8qhf paperclipai: connector trust bypass enables Gmail read/write 8.7 paperclipai Apr 16 HIGH CVE-2026-30617 LangChain-ChatChat: RCE via unauthenticated MCP interface 8.6 0.2% Apr 15

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial