AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

AI/ML CVEs Tracked: 1,604
Critical: 225
New This Week: 79
In CISA KEV: 16

Latest AI Security Threats

Showing 20 of 570 results — Medium severity
MEDIUM | CVE-2026-44897 | Score 6.1
  mistune: XSS via unescaped heading id= attribute
  Tags: Code Execution, Data Extraction, Framework, RAG
  mistune Patch: 3.2.1 CWE-79 463 4 ATLAS

MEDIUM | CVE-2026-44708 | Score 6.1
  mistune: math plugin XSS bypasses escape=True control
  Tags: Code Execution, Data Extraction, Auth Bypass, Plugin, Framework
  mistune CWE-79 463 4 ATLAS

MEDIUM | CVE-2026-44568 | Score 4.8
  open-webui: XSS in pending overlay enables session hijack
  Tags: Data Extraction, Code Execution, Social Engineering, Inference, Framework
  open-webui Patch: 0.9.0 CWE-79 4 ATLAS

MEDIUM | CVE-2026-42282 | Score 4.3
  n8n-MCP: credential logging exposes OAuth tokens in HTTP mode
  Tags: Data Leakage, Data Extraction, Agent, Plugin
  CWE-532 4 ATLAS

MEDIUM | CVE-2026-44560 | Score 6.5
  open-webui: RAG auth bypass exposes private files
  Tags: Auth Bypass, Data Extraction, Privacy Violation, RAG, API, Framework
  open-webui Patch: 0.9.0 CWE-862 5 ATLAS

MEDIUM | CVE-2026-44561 | Score 5.4
  open-webui: auth bypass exposes private group channels
  Tags: Auth Bypass, Data Extraction, Privacy Violation, API
  open-webui Patch: 0.9.0 CWE-284 4 ATLAS

MEDIUM | CVE-2026-44564 | Score 5.4
  open-webui: auth bypass in collaborative doc editing
  Tags: Auth Bypass, Prompt Injection, DoS, API, Framework
  open-webui Patch: 0.9.0 CWE-863 4 ATLAS

MEDIUM | CVE-2026-44563 | Score 5.4
  open-webui: auth bypass exposes restricted LLM models
  Tags: Auth Bypass, Data Extraction, Inference, API
  open-webui Patch: 0.9.0 CWE-862 5 ATLAS

MEDIUM | CVE-2026-44562 | Score 6.5
  open-webui: missing authz enables model hijacking
  Tags: Auth Bypass, Model Poisoning, Data Extraction, Model, API, Framework
  open-webui Patch: 0.9.0 CWE-862 5 ATLAS

MEDIUM | CVE-2026-44559 | Score 4.3
  open-webui: private channel member list exposed to any user
  Tags: Auth Bypass, Data Extraction, Privacy Violation, API, Framework
  open-webui Patch: 0.9.0 CWE-862 4 ATLAS

MEDIUM | CVE-2026-44557 | Score 4.3
  open-webui: auth bypass exposes all knowledge base metadata
  Tags: Auth Bypass, Data Extraction, Privacy Violation, RAG, Framework, API
  open-webui Patch: 0.9.0 CWE-200 5 ATLAS

MEDIUM | CVE-2026-44558 | Score 5.4
  open-webui: permission bypass exposes channels publicly
  Tags: Auth Bypass, Data Leakage, API, Framework
  open-webui Patch: 0.9.0 CWE-863 3 ATLAS

MEDIUM | CVE-2026-44550 | Score 5.0
  Open WebUI's Mass Assignment via Pydantic extra='allow' Allows Creating Folders in Other Users' Accounts
  open-webui Patch: 0.9.0 CWE-862

MEDIUM | CVE-2026-40610 | Score 5.5
  BentoML has Information Disclosure in `bentoml build` via symlink traversal in the build context
  bentoml Patch: 1.4.39 CWE-59 22

MEDIUM | CVE-2026-44479 | Score 5.5
  Vercel: Non-interactive mode includes CLI arguments in suggested command output
  CWE-200

MEDIUM | GHSA-cqmh-pcgr-q42f | Score 5.5
  @axonflow/openclaw fix introduces plugin cache and credential-file permission hardening
  @axonflow/openclaw Patch: 2.0.0 CWE-552 4

MEDIUM | CVE-2026-44223 | Score 6.5
  vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters
  vllm Patch: 0.20.0 CWE-131 126

MEDIUM | CVE-2026-44222 | Score 6.5
  vLLM Vulnerable to Remote DoS via Special-Token Placeholders
  vllm Patch: 0.20.0 CWE-129 126

MEDIUM | CVE-2026-43901 | Score 6.8
  wireshark-mcp vulnerable to arbitrary file write via export_objects when WIRESHARK_MCP_ALLOWED_DIRS is not configured
  CWE-22

MEDIUM | GHSA-q8ff-7ffm-m3r9 | Score 6.0
  OpenClaw's Webhooks SecretRef route secret remains valid after rotation/reload
  openclaw Patch: 2026.4.23 CWE-613 4

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.