AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

AI/ML CVEs tracked: 1,140
Critical: 171
New this week: 228
In CISA KEV: 2

Weekly CISO Take + top threats

Get the week's most critical AI security threats delivered every Monday. Free, no spam.

Latest AI Security Threats

Showing 50 of 74 results (filter: High severity, has patch). A dash means the feed shows no value in that column; GHSA identifiers are GitHub Security Advisory IDs listed without a CVE in this view, and the Date column carries no year.

Severity | Advisory ID | Summary | CVSS | EPSS | Package | Date
---------|-------------|---------|------|------|---------|-----
HIGH | CVE-2026-33497 | Langflow is a tool for building and deploying... | 7.5 | - | langflow | Mar 24
HIGH | CVE-2025-14287 | A command injection vulnerability exists in... | 7.5 | 0.1% | mlflow | Mar 16
HIGH | CVE-2026-27826 | MCP Atlassian has SSRF via unvalidated... | 8.2 | 0.1% | mcp-atlassian | Mar 10
HIGH | GHSA-5r2p-pjr8-7fh7 | SageMaker Python SDK replaced eval() with safe... | - | - | sagemaker | Mar 5
HIGH | CVE-2026-25048 | xgrammar vulnerable to DoS via multi-layer nesting | - | 0.1% | xgrammar | Mar 5
HIGH | GHSA-5hwf-rc88-82xm | Fickling missing RCE-capable modules in... | - | - | fickling | Mar 4
HIGH | GHSA-wccx-j62j-r448 | Fickling has `always_check_safety()` bypass:... | - | - | fickling | Mar 4
HIGH | GHSA-mxhj-88fx-4pcv | Fickling: OBJ opcode call invisibility bypasses... | - | - | fickling | Feb 24
HIGH | CVE-2026-2033 | MLflow Tracking Server Artifact Handler Directory... | 8.1 | 9.2% | mlflow | Feb 20
HIGH | GHSA-97f8-7cmv-76j2 | Picklescan (scan_pytorch) Bypass via dynamic eval... | - | - | picklescan | Feb 18
HIGH | CVE-2026-25580 | Pydantic AI is a Python agent framework for... | 8.6 | 0.0% | pydantic-ai | Feb 6
HIGH | CVE-2026-1777 | SageMaker Python SDK has Exposed HMAC | 7.2 | 0.0% | sagemaker | Feb 2
HIGH | GHSA-9m3x-qqw2-h32h | picklescan missing detection by simple... | - | - | picklescan | Feb 2
HIGH | CVE-2026-1117 | Lollms has an Improper Access Control... | 8.2 | 0.1% | lollms | Feb 2
HIGH | CVE-2025-10279 | In mlflow version 2.20.3, the temporary directory... | 7.0 | 0.0% | mlflow | Feb 2
HIGH | CVE-2026-22219 | Chainlit contains a server-side request forgery... | 7.7 | 0.0% | chainlit | Jan 20
HIGH | CVE-2026-0897 | Google Keras Allocates Resources Without Limits... | - | 0.0% | keras | Jan 15
HIGH | CVE-2025-14279 | MLFlow versions up to and including 3.4.0 are... | 8.1 | 0.0% | mlflow | Jan 12
HIGH | CVE-2026-22612 | Fickling vulnerable to detection bypass due to... | - | 0.1% | fickling | Jan 9
HIGH | CVE-2026-22609 | Fickling has Static Analysis Bypass via... | - | 0.1% | fickling | Jan 9
HIGH | CVE-2026-22608 | Fickling vulnerable to use of ctypes and pydoc... | - | 0.0% | fickling | Jan 9
HIGH | CVE-2026-22607 | Fickling Blocklist Bypass: cProfile.run() | - | 0.1% | fickling | Jan 9
HIGH | CVE-2026-22606 | Fickling has a bypass via runpy.run_path() and... | - | 0.1% | fickling | Jan 9
HIGH | GHSA-mcmc-2m55-j8jj | vLLM introduced enhanced protection for... | 8.8 | - | vllm | Jan 8
HIGH | GHSA-9726-w42j-3qjr | picklescan has Arbitrary file read using... | - | - | picklescan | Jan 8
HIGH | GHSA-46h3-79wf-xr6c | Picklescan is vulnerable to RCE via missing... | - | - | picklescan | Dec 30
HIGH | GHSA-955r-x9j8-7rhh | Picklescan is vulnerable to RCE via missing... | - | - | picklescan | Dec 30
HIGH | GHSA-rrxm-2pvv-m66x | Picklescan is vulnerable to RCE via missing... | - | - | picklescan | Dec 30
HIGH | GHSA-3329-ghmp-jmv5 | Picklescan is vulnerable to RCE through missing... | - | - | picklescan | Dec 29
HIGH | GHSA-x843-g5mx-g377 | Picklescan is vulnerable to RCE through missing... | - | - | picklescan | Dec 29
HIGH | GHSA-r8g5-cgf2-4m4m | Picklescan missing detection when calling... | - | - | picklescan | Dec 29
HIGH | GHSA-hgrh-qx5j-jfwx | Picklescan Bypasses Unsafe Globals Check using... | 8.8 | - | picklescan | Dec 29
HIGH | GHSA-vqmv-47xg-9wpr | Picklescan missing detection when calling... | - | - | picklescan | Dec 29
HIGH | GHSA-84r2-jw7c-4r5q | Picklescan has Incomplete List of Disallowed... | - | - | picklescan | Dec 29
HIGH | GHSA-4675-36f9-wf6r | Picklescan does not block ctypes | - | - | picklescan | Dec 29
HIGH | GHSA-m273-6v24-x4m4 | Picklescan vulnerable to Arbitrary File Writing | - | - | picklescan | Dec 29
HIGH | CVE-2025-67748 | Fickling has Code Injection vulnerability via... | - | 0.0% | fickling | Dec 15
HIGH | CVE-2025-67747 | Fickling has missing detection for marshal.loads... | - | 0.1% | fickling | Dec 15
HIGH | CVE-2025-65958 | Open WebUI vulnerable to Server-Side Request... | 8.5 | 0.0% | open-webui | Dec 4
HIGH | CVE-2025-65106 | LangChain is a framework for building agents and... | - | 0.1% | langchain-core | Nov 21
HIGH | CVE-2025-64496 | Open WebUI Affected by an External Model Server... | 7.3 | 0.2% | open-webui | Nov 7
HIGH | CVE-2025-64495 | Open WebUI vulnerable to Stored DOM XSS via... | 8.7 | 0.0% | open-webui | Nov 7
HIGH | CVE-2025-7707 | llama-index has Insecure Temporary File | 7.1 | 0.0% | llama-index | Oct 13
HIGH | CVE-2025-6242 | A Server-Side Request Forgery (SSRF)... | 7.1 | 0.0% | vllm | Oct 7
HIGH | CVE-2025-61784 | LLaMA-Factory is a tuning library for large... | 8.1 | 0.1% | llamafactory | Oct 7
HIGH | CVE-2025-7647 | llama-index-core insecurely handles temporary... | 7.3 | 0.0% | llama-index-core | Sep 27
HIGH | CVE-2025-10156 | Picklescan: ZIP archive scan bypass is possible... | 7.5 | 0.4% | picklescan | Sep 10
HIGH | CVE-2025-10157 | Picklescan is Vulnerable to Unsafe Globals Check... | 8.3 | 0.1% | picklescan | Sep 10
HIGH | CVE-2025-58757 | Monai: Unsafe use of Pickle deserialization may... | 8.8 | 0.6% | monai | Sep 9
HIGH | CVE-2025-58756 | MONAI: Unsafe torch usage may lead to arbitrary... | 8.8 | 1.2% | monai | Sep 9

Reading note: CVSS and EPSS are blank for most GHSA-only rows, so sorting this view by score alone hides the picklescan and fickling cluster, which is the largest single group here. EPSS values are point-in-time probabilities and will drift from what is shown.
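Most of the picklescan and fickling rows above are the same finding repeated: a blocklist-based scanner missed a callable a pickle can reach (the titles name ctypes, runpy.run_path(), cProfile.run(), marshal.loads and pydoc). The Python below is an added example, not code from the feed, picklescan or fickling. It contrasts a hypothetical blocklist scanner with an allowlist unpickler on constructed pickles; the callables those pickles reference are never executed, because the allowlist unpickler refuses them in find_class before the REDUCE opcode can run and the scanner only walks opcodes. BLOCKLIST, ALLOWED, SAMPLES and the dummy arguments are assumptions made here.

```python
"""Allowlist unpickling next to a blocklist-style scanner.

Added example for this page; not code from the feed, picklescan or fickling.
The sample pickles are constructed here and none of the callables they
reference is ever executed.
"""
import collections
import io
import pickle
import pickletools


def _call_global(module: str, name: str, arg: str) -> bytes:
    """Hand-assemble a protocol-0 pickle: GLOBAL module.name, then REDUCE with one string arg."""
    return (
        b"c" + module.encode() + b"\n" + name.encode() + b"\n"  # GLOBAL
        + b"(S'" + arg.encode() + b"'\n"                        # MARK, STRING
        + b"tR."                                                # TUPLE, REDUCE, STOP
    )


# Constructed inputs: one benign artifact plus the module families the feed's
# picklescan/fickling entries name as blocklist misses. Arguments are dummies.
SAMPLES = {
    "benign OrderedDict": pickle.dumps(collections.OrderedDict(lr=0.01, epochs=3)),
    "os.system": _call_global("os", "system", "id"),
    "runpy.run_path": _call_global("runpy", "run_path", "/tmp/x.py"),
    "cProfile.run": _call_global("cProfile", "run", "print(1)"),
    "ctypes.CDLL": _call_global("ctypes", "CDLL", "libc.so.6"),
    "marshal.loads": _call_global("marshal", "loads", ""),
}

# Hypothetical blocklist standing in for the "known bad modules" approach the
# feed's bypass entries keep defeating. It is not picklescan's or fickling's list.
BLOCKLIST = {"os", "posix", "nt", "subprocess", "sys", "socket", "builtins"}

# The only globals this consumer will ever import (assumed for the example).
ALLOWED = {("collections", "OrderedDict")}


def referenced_globals(data: bytes) -> list[tuple[str, str]]:
    """Static opcode walk: every module.name the pickle would import, without loading it."""
    found: list[tuple[str, str]] = []
    strings: list[str] = []
    for op, arg, _ in pickletools.genops(data):
        if op.name == "GLOBAL":  # protocols 0-3: "module name" on one line
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name == "STACK_GLOBAL":  # protocol 4+: last two pushed strings
            found.append((strings[-2], strings[-1]))
        elif op.name in ("SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"):
            strings.append(arg)
    return found


def blocklist_verdict(data: bytes) -> str:
    """Flags only modules on the blocklist; anything unanticipated passes as "looks safe"."""
    for module, _ in referenced_globals(data):
        if module.split(".")[0] in BLOCKLIST:
            return "dangerous"
    return "looks safe"


class AllowlistUnpickler(pickle.Unpickler):
    """find_class is the one choke point every GLOBAL/STACK_GLOBAL passes before REDUCE runs."""

    def find_class(self, module: str, name: str):
        if (module, name) not in ALLOWED:
            raise pickle.UnpicklingError(f"refusing global {module}.{name}")
        return super().find_class(module, name)


def allowlist_verdict(data: bytes) -> str:
    """Loads through the allowlist unpickler; unknown globals abort before any call happens."""
    try:
        AllowlistUnpickler(io.BytesIO(data)).load()
        return "loaded"
    except pickle.UnpicklingError:
        return "rejected"


def compare(samples: dict[str, bytes]) -> dict[str, tuple[str, str]]:
    """Both verdicts per sample: (blocklist scanner, allowlist unpickler)."""
    return {label: (blocklist_verdict(d), allowlist_verdict(d)) for label, d in samples.items()}


if __name__ == "__main__":
    for label, (scan, load) in compare(SAMPLES).items():
        print(f"{label:20} blocklist={scan:11} allowlist={load}")
```

The point is the pair of columns the script prints: the blocklist answers "looks safe" for every module it did not anticipate (runpy, cProfile, ctypes, marshal), while the allowlist unpickler loads only the OrderedDict and refuses the rest before any callable is reached. A scanner is still useful for triaging third-party artifacts, but the load path should not depend on it: restrict find_class on the consumer side, or use a no-code serialization format where the framework supports one.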

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
