AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

AI/ML CVEs Tracked: 1,604
Critical: 225
New This Week: 79
In CISA KEV: 16

Latest AI Security Threats

Showing 20 of 512 results (filter: has patch)

MEDIUM | CVE-2026-44897 | Score: 6.1
mistune: XSS via unescaped heading id= attribute
Tags: Code Execution, Data Extraction, Framework, RAG
mistune | Patch: 3.2.1 | CWE-79 | 463 | 4 ATLAS

HIGH | CVE-2026-44843 | Score: 8.2
LangChain: deserialization poisons LLM chat history
Tags: Prompt Injection, Code Execution, Supply Chain, Framework, Agent
langchain-core | Patch: 1.3.3 | CWE-502 | 4.3K | 5 ATLAS

HIGH | CVE-2026-44566 | Score: 7.3
Open WebUI: path traversal + file upload leads to RCE
Tags: Code Execution, Supply Chain, Inference, Model
open-webui | Patch: 0.1.124 | CWE-22 | 5 ATLAS

HIGH | CVE-2026-44567 | Score: 7.3
Open WebUI: auth bypass gives pending users full LLM access
Tags: Auth Bypass, Data Extraction, DoS, API, Inference
open-webui | Patch: 0.1.124 | CWE-862 | 4 ATLAS

HIGH | CVE-2026-44549 | Score: 7.3
open-webui: XSS via XLSX preview enables session hijack
Tags: Code Execution, Data Extraction, Auth Bypass, Framework, API
open-webui | Patch: 0.8.0 | CWE-79 | 7 ATLAS

MEDIUM | CVE-2026-44568 | Score: 4.8
open-webui: XSS in pending overlay enables session hijack
Tags: Data Extraction, Code Execution, Social Engineering, Inference, Framework
open-webui | Patch: 0.9.0 | CWE-79 | 4 ATLAS

HIGH | CVE-2026-44209 | Score: 7.5
banks: SSTI enables RCE via unsandboxed Jinja2 templates
Tags: Code Execution, Supply Chain, Framework, Agent
banks | Patch: 2.4.2 | CWE-1336 | 154 | 4 ATLAS

MEDIUM | CVE-2026-44560 | Score: 6.5
open-webui: RAG auth bypass exposes private files
Tags: Auth Bypass, Data Extraction, Privacy Violation, RAG, API, Framework
open-webui | Patch: 0.9.0 | CWE-862 | 5 ATLAS

MEDIUM | CVE-2026-44561 | Score: 5.4
open-webui: auth bypass exposes private group channels
Tags: Auth Bypass, Data Extraction, Privacy Violation, API
open-webui | Patch: 0.9.0 | CWE-284 | 4 ATLAS

MEDIUM | CVE-2026-44564 | Score: 5.4
open-webui: auth bypass in collaborative doc editing
Tags: Auth Bypass, Prompt Injection, DoS, API, Framework
open-webui | Patch: 0.9.0 | CWE-863 | 4 ATLAS

MEDIUM | CVE-2026-44563 | Score: 5.4
open-webui: auth bypass exposes restricted LLM models
Tags: Auth Bypass, Data Extraction, Inference, API
open-webui | Patch: 0.9.0 | CWE-862 | 5 ATLAS

MEDIUM | CVE-2026-44562 | Score: 6.5
open-webui: missing authz enables model hijacking
Tags: Auth Bypass, Model Poisoning, Data Extraction, Model, API, Framework
open-webui | Patch: 0.9.0 | CWE-862 | 5 ATLAS

MEDIUM | CVE-2026-44559 | Score: 4.3
open-webui: private channel member list exposed to any user
Tags: Auth Bypass, Data Extraction, Privacy Violation, API, Framework
open-webui | Patch: 0.9.0 | CWE-862 | 4 ATLAS

MEDIUM | CVE-2026-44557 | Score: 4.3
open-webui: auth bypass exposes all knowledge base metadata
Tags: Auth Bypass, Data Extraction, Privacy Violation, RAG, Framework, API
open-webui | Patch: 0.9.0 | CWE-200 | 5 ATLAS

HIGH | CVE-2026-44554 | Score: 8.1
open-webui: RAG poisoning via unauthorized KB overwrite
Tags: Auth Bypass, Model Poisoning, Prompt Injection, RAG, API, Framework
open-webui | Patch: 0.9.0 | CWE-862 | 8 ATLAS

MEDIUM | CVE-2026-44558 | Score: 5.4
open-webui: permission bypass exposes channels publicly
Tags: Auth Bypass, Data Leakage, API, Framework
open-webui | Patch: 0.9.0 | CWE-863 | 3 ATLAS

HIGH | CVE-2026-44556 | Score: 7.1
open-webui: auth bypass allows unrestricted model access
Tags: Auth Bypass, DoS, Data Extraction, API, Inference, Model
open-webui | Patch: 0.9.0 | CWE-284 | 8 ATLAS

HIGH | CVE-2026-44555 | Score: 7.6
Open WebUI's Base Model Routing Bypasses Access Control via Model Chaining
open-webui | Patch: 0.9.0 | CWE-862

HIGH | CVE-2026-44552 | Score: 8.7
Open WebUI: Redis Cache Keys tool_servers and terminal_servers Missing Instance Prefix Enable Cross-Instance Cache Poisoning
open-webui | Patch: 0.9.0 | CWE-668

HIGH | CVE-2026-44553 | Score: 8.1
Open WebUI: Stale Admin Role in Socket.IO Session Pool Enables Post-Demotion Cross-User Note Access
open-webui | Patch: 0.9.0 | CWE-384
