AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited

Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 220 results — Medium severity, has patch

Severity CVE ID Summary CVSS EPSS Package Date

MEDI CVE-2026-44897 mistune: XSS via unescaped heading id= attribute 6.1 — mistune May 9 MEDI CVE-2026-44568 open-webui: XSS in pending overlay enables session hijack 4.8 — open-webui May 8 MEDI CVE-2026-44560 open-webui: RAG auth bypass exposes private files 6.5 — open-webui May 8 MEDI CVE-2026-44561 open-webui: auth bypass exposes private group channels 5.4 — open-webui May 8 MEDI CVE-2026-44564 open-webui: auth bypass in collaborative doc editing 5.4 — open-webui May 8 MEDI CVE-2026-44563 open-webui: auth bypass exposes restricted LLM models 5.4 — open-webui May 8 MEDI CVE-2026-44562 open-webui: missing authz enables model hijacking 6.5 — open-webui May 8 MEDI CVE-2026-44559 open-webui: private channel member list exposed to any user 4.3 — open-webui May 8 MEDI CVE-2026-44557 open-webui: auth bypass exposes all knowledge base metadata 4.3 — open-webui May 8 MEDI CVE-2026-44558 open-webui: permission bypass exposes channels publicly 5.4 — open-webui May 8 MEDI CVE-2026-44550 open-webui: mass assignment enables cross-user folder injection 5.0 — open-webui May 8 MEDI CVE-2026-40610 BentoML: symlink traversal exfiltrates host secrets at build 5.5 — bentoml May 7 MEDI GHSA-cqmh-pcgr-q42f @axonflow/openclaw: credential exposure via insecure file permissions 5.5 — @axonflow/openclaw May 6 MEDI CVE-2026-44223 vLLM: speculative decoding DoS via penalty params 6.5 — vllm May 6 MEDI CVE-2026-44222 vLLM: token injection DoS via multimodal placeholders 6.5 — vllm May 5 MEDI GHSA-q8ff-7ffm-m3r9 openclaw: stale webhook secret survives credential rotation 6.0 — openclaw May 5 MEDI CVE-2026-40864 JupyterHub: CSRF bypass on spawn and share endpoints 5.4 — jupyterhub May 5 MEDI CVE-2026-40934 jupyter-server: auth cookie survives password reset 6.8 0.1% jupyter-server May 5 MEDI CVE-2025-61669 jupyter-server: Open redirect enables credential phishing — 0.0% jupyter-server May 5 MEDI CVE-2026-43570 OpenClaw: symlink traversal exposes host filesystem 6.5 0.1% openclaw May 5

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial