AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,140 AI/ML CVEs Tracked
171 Critical
228 New This Week
2 In CISA KEV


Latest AI Security Threats

Showing 50 of 171 results — Critical severity
| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
| CRIT | CVE-2025-33244 | NVIDIA APEX for Linux contains a vulnerability... | 9.0 | | | Mar 24 |
| CRIT | CVE-2026-33475 | Langflow is a tool for building and deploying... | 9.1 | | langflow | Mar 24 |
| CRIT | CVE-2026-33309 | Langflow is a tool for building and deploying... | 9.9 | | langflow | Mar 24 |
| CRIT | CVE-2026-33017 | Langflow is a tool for building and deploying... | 9.8 | 0.5% | langflow | Mar 20 |
| CRIT | CVE-2025-15031 | A vulnerability in MLflow's pyfunc extraction... | 9.1 | 0.0% | mlflow | Mar 18 |
| CRIT | CVE-2026-28500 | Open Neural Network Exchange (ONNX) is an open... | 9.1 | 0.0% | onnx | Mar 18 |
| CRIT | CVE-2026-27825 | MCP Atlassian has an arbitrary file write leading... | 9.1 | 0.0% | mcp-atlassian | Mar 10 |
| CRIT | CVE-2026-25960 | vLLM is an inference and serving engine for large... | 9.8 | 0.0% | vllm | Mar 9 |
| CRIT | CVE-2026-30821 | Flowise is a drag & drop user interface to build... | 9.8 | | | Mar 7 |
| CRIT | GHSA-g38g-8gr9-h9xp | PickleScan has multiple stdlib modules with... | 9.8 | | picklescan | Mar 3 |
| CRIT | GHSA-vvpj-8cmc-gx39 | PickleScan's pkgutil.resolve_name has a universal... | 10.0 | | picklescan | Mar 3 |
| CRIT | GHSA-7wx9-6375-f5wh | PickleScan's profile.run blocklist mismatch... | 9.8 | | picklescan | Mar 3 |
| CRIT | CVE-2026-27966 | Langflow is a tool for building and deploying... | 9.8 | 0.2% | langflow | Feb 26 |
| CRIT | CVE-2026-27577 | n8n is an open source workflow automation... | 9.9 | | n8n | Feb 25 |
| CRIT | CVE-2026-27495 | n8n is an open source workflow automation... | 9.9 | | n8n | Feb 25 |
| CRIT | CVE-2026-27494 | n8n is an open source workflow automation... | 9.9 | | n8n | Feb 25 |
| CRIT | CVE-2026-27493 | n8n is an open source workflow automation... | 9.0 | | n8n | Feb 25 |
| CRIT | CVE-2026-2635 | MLflow Use of Default Password Authentication... | 9.8 | 0.7% | mlflow | Feb 20 |
| CRIT | CVE-2026-26030 | Microsoft Semantic Kernel InMemoryVectorStore... | 10.0 | 0.1% | semantic-kernel | Feb 19 |
| CRIT | CVE-2026-2654 | A weakness has been identified in huggingface... | 9.8 | | smolagents | Feb 18 |
| CRIT | CVE-2026-25592 | Semantic Kernel is an SDK used to build,... | 9.9 | 0.1% | semantic-kernel | Feb 6 |
| CRIT | CVE-2026-25115 | n8n is an open source workflow automation... | 9.9 | | n8n | Feb 4 |
| CRIT | CVE-2026-25053 | n8n is an open source workflow automation... | 9.9 | | n8n | Feb 4 |
| CRIT | CVE-2026-25052 | n8n is an open source workflow automation... | 9.9 | | n8n | Feb 4 |
| CRIT | CVE-2026-25049 | n8n is an open source workflow automation... | 9.9 | | n8n | Feb 4 |
| CRIT | CVE-2026-22778 | vLLM is an inference and serving engine for large... | 9.8 | 0.1% | vllm | Feb 2 |
| CRIT | CVE-2026-25481 | Langroid has WAF Bypass Leading to RCE in... | | 0.0% | | Feb 2 |
| CRIT | CVE-2026-25130 | CAI find_file Agent Tool has Command Injection... | 9.7 | 0.0% | | Jan 30 |
| CRIT | CVE-2026-1470 | n8n contains a critical Remote Code Execution... | 9.9 | | n8n | Jan 27 |
| CRIT | CVE-2025-13374 | The Kalrav AI Agent plugin for WordPress is... | 9.8 | | | Jan 24 |
| CRIT | CVE-2026-22807 | vLLM is an inference and serving engine for large... | 9.8 | 0.0% | vllm | Jan 21 |
| CRIT | CVE-2026-0863 | Using string formatting and exception handling,... | 9.9 | | n8n | Jan 18 |
| CRIT | CVE-2026-21877 | n8n is an open source workflow automation... | 9.9 | | n8n | Jan 8 |
| CRIT | CVE-2026-21858 | n8n is an open source workflow automation... | 10.0 | | n8n | Jan 8 |
| CRIT | CVE-2026-21445 | Langflow is a tool for building and deploying... | 9.1 | 0.1% | langflow | Jan 2 |
| CRIT | CVE-2025-68668 | n8n is an open source workflow automation... | 9.9 | | n8n | Dec 26 |
| CRIT | CVE-2025-68665 | LangChain is a framework for building LLM-powered... | 9.1 | | langchain.js | Dec 23 |
| CRIT | CVE-2025-63389 | A critical authentication bypass vulnerability... | 9.8 | | ollama | Dec 18 |
| CRIT | CVE-2025-67511 | Cybersecurity AI (CAI) is an open-source... | 9.6 | 0.2% | | Dec 11 |
| CRIT | CVE-2025-34351 | Ray's New Token Authentication is Disabled By... | | 0.5% | ray | Nov 27 |
| CRIT | CVE-2025-62593 | Ray is vulnerable to Critical RCE via Safari &... | | 0.0% | ray | Nov 26 |
| CRIT | CVE-2025-62608 | MLX is an array framework for machine learning on... | 9.1 | 0.1% | mlx | Nov 21 |
| CRIT | CVE-2025-12060 | The keras.utils.get_file API in Keras, when used... | 9.8 | 0.1% | keras | Oct 30 |
| CRIT | CVE-2025-11201 | MLflow Tracking Server Model Creation Directory... | 9.8 | 9.1% | mlflow | Oct 29 |
| CRIT | CVE-2025-11200 | MLflow Weak Password Requirements Authentication... | 9.8 | 0.2% | mlflow | Oct 29 |
| CRIT | CVE-2025-49655 | Deserialization of untrusted data can occur in... | 9.8 | 0.0% | keras | Oct 17 |
| CRIT | GHSA-m9mp-6x32-5rhg | scio is vulnerable to Remote Command Execution... | | | | Oct 9 |
| CRIT | CVE-2025-59434 | Flowise is a drag & drop user interface to build... | 9.6 | | | Sep 22 |
| CRIT | CVE-2025-9556 | Langchaingo supports the use of jinja2 syntax... | 9.8 | | | Sep 12 |
| CRIT | CVE-2025-55526 | n8n-workflows Main Commit ee25413 allows... | 9.1 | | fastapi | Aug 26 |
