AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
Feed statistics: 1,604 AI/ML CVEs tracked; 225 rated Critical; 79 new this week; 16 listed in CISA KEV.
Latest AI Security Threats
Showing 20 of 199 results (filter: High severity, has patch).

| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| HIGH | CVE-2026-44843 | LangChain: deserialization poisons LLM chat history | 8.2 | — | langchain-core | May 8 |
| HIGH | CVE-2026-44566 | Open WebUI: path traversal + file upload leads to RCE | 7.3 | — | open-webui | May 8 |
| HIGH | CVE-2026-44567 | Open WebUI: auth bypass gives pending users full LLM access | 7.3 | — | open-webui | May 8 |
| HIGH | CVE-2026-44549 | open-webui: XSS via XLSX preview enables session hijack | 7.3 | — | open-webui | May 8 |
| HIGH | CVE-2026-44209 | banks: SSTI enables RCE via unsandboxed Jinja2 templates | 7.5 | — | banks | May 8 |
| HIGH | CVE-2026-44554 | open-webui: RAG poisoning via unauthorized KB overwrite | 8.1 | — | open-webui | May 8 |
| HIGH | CVE-2026-44556 | open-webui: auth bypass allows unrestricted model access | 7.1 | — | open-webui | May 8 |
| HIGH | CVE-2026-44555 | open-webui: access control bypass via model chaining | 7.6 | — | open-webui | May 8 |
| HIGH | CVE-2026-44552 | open-webui: Redis cache poisoning enables cross-instance tool hijack | 8.7 | — | open-webui | May 8 |
| HIGH | CVE-2026-44553 | open-webui: stale Socket.IO role allows cross-user note R/W | 8.1 | — | open-webui | May 8 |
| HIGH | CVE-2026-44721 | open-webui: XSS in model descriptions steals session tokens | 7.3 | — | open-webui | May 8 |
| HIGH | GHSA-8g7g-hmwm-6rv2 | n8n-mcp: path traversal + SSRF exposes n8n API keys | 8.3 | — | n8n-mcp | May 8 |
| HIGH | CVE-2026-44513 | diffusers: trust_remote_code bypass enables silent RCE | 8.8 | — | diffusers | May 7 |
| HIGH | GHSA-j7w6-vpvq-j3gm | diffusers: silent RCE via None.py trust_remote_code bypass | 8.8 | — | diffusers | May 7 |
| HIGH | CVE-2026-44504 | Aegra: cross-tenant IDOR hijacks user thread data | — | — | aegra-api | May 7 |
| HIGH | CVE-2026-44334 | praisonai: RCE via unpatched tool_override exec_module | 8.4 | — | praisonai | May 6 |
| HIGH | CVE-2026-44335 | praisonaiagents: SSRF via URL parser confusion bypass | — | — | praisonaiagents | May 6 |
| HIGH | CVE-2026-44244 | GitPython: git config injection enables hook RCE | 7.8 | 0.0% | GitPython | May 6 |
| HIGH | CVE-2026-42557 | JupyterLab: one-click RCE via notebook HTML cell output | — | — | notebook | May 6 |
| HIGH | CVE-2026-33079 | mistune: ReDoS exposes Jupyter/AI services to DoS | — | 0.0% | mistune | May 6 |

Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.