AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604 AI/ML CVEs tracked
225 critical
79 new this week
16 in CISA KEV

Latest AI Security Threats

Showing 20 of 1092 results — no patch
Severity | CVE ID | Summary | CVSS | EPSS | Package | Date
MEDI | CVE-2026-44708 | mistune: math plugin XSS bypasses escape=True control | 6.1 | | mistune | May 8
CRIT | CVE-2026-44211 | cline: WebSocket auth bypass enables terminal RCE | 9.6 | | | May 8
MEDI | CVE-2026-42282 | n8n-MCP: credential logging exposes OAuth tokens in HTTP mode | 4.3 | | | May 8
HIGH | CVE-2026-42271 | LiteLLM: RCE via MCP test endpoint command injection | 8.8 | 0.0% | litellm | May 8
CRIT | CVE-2026-42208 | LiteLLM: SQL injection exposes LLM API credentials | 9.8 | 0.1% | litellm | May 8
UNKN | CVE-2026-42203 | LiteLLM: SSTI in prompt template endpoint enables RCE | | 0.0% | litellm | May 8
CRIT | CVE-2026-44484 | pytorch-lightning: supply chain, credential harvesting | | | pytorch-lightning | May 7
MEDI | CVE-2026-44479 | vercel: auth token leak in AI agent non-interactive mode | 5.5 | | | May 7
LOW | CVE-2026-44220 | ciguard: symlink traversal exposes secrets via MCP agent | | | | May 5
MEDI | CVE-2026-43901 | wireshark-mcp: path traversal enables arbitrary file write via MCP | 6.8 | | | May 5
HIGH | CVE-2026-42079 | PPTAgent: eval injection enables RCE via LLM prompt injection | 8.6 | 0.0% | | May 5
MEDI | CVE-2026-42045 | LobeChat: XSS-to-RCE via exposed Electron IPC | 6.2 | | @lobehub/lobehub | May 5
LOW | CVE-2026-7847 | Langchain-Chatchat: predictable file IDs leak uploaded files | 2.6 | 0.0% | langchain-chatchat | May 5
LOW | CVE-2026-7846 | Langchain-Chatchat: TOCTOU race allows silent file overwrite | 2.6 | 0.0% | langchain-chatchat | May 5
LOW | CVE-2026-7845 | Langchain-Chatchat: weak image hash allows integrity bypass | 2.6 | 0.0% | langchain-chatchat | May 5
MEDI | CVE-2026-7844 | Langchain-Chatchat: auth bypass on file service endpoints | 6.3 | 0.0% | | May 5
CRIT | CVE-2026-7482 | Ollama before 0.17.1 contains a heap... | 9.1 | 0.1% | | May 4
MEDI | CVE-2026-7700 | A weakness has been identified in langflow-ai... | 6.3 | 0.0% | | May 3
MEDI | CVE-2026-7687 | A vulnerability was determined in langflow-ai... | 6.3 | 1.1% | | May 3
MEDI | CVE-2026-7669 | A vulnerability was detected in sgl-project... | 5.6 | 0.1% | sglang | May 2

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.