AI Component

API

AI API vulnerabilities affect the interfaces used to interact with language models and ML services — including authentication, rate limiting, input validation, and response handling.

224

Total CVEs

Pages

Page 1 of 12

Current

Severity	CVE	Headline	Package	CVSS
HIGH	CVE-2026-25750	langsmith: security flaw enables exploitation	langsmith	8.1
MEDIUM	CVE-2026-2589	Greenshift: Info Disclosure leaks sensitive data		5.3
UNKNOWN	CVE-2026-25083	GROWI: Missing Auth allows unauthorized operations		-
CRITICAL	CVE-2026-28500	onnx: Integrity Verification bypass enables tampering	onnx	9.1
CRITICAL	CVE-2026-33017	langflow: Code Injection enables RCE	langflow	9.8
HIGH	CVE-2026-33053	langflow: IDOR enables unauthorized data access	langflow	8.8
MEDIUM	CVE-2026-27167	gradio: Weak Credentials allow account compromise	gradio	5.9
HIGH	CVE-2026-28414	gradio: security flaw enables exploitation	gradio	7.5
MEDIUM	CVE-2026-28415	gradio: Info Disclosure leaks sensitive data	gradio	4.7
HIGH	CVE-2026-30820	Flowise: header spoof auth bypass exposes admin API & creds	flowise	8.8
CRITICAL	CVE-2026-27493	n8n: Code Injection enables RCE	n8n	9.0
CRITICAL	CVE-2026-27494	n8n: security flaw enables exploitation	n8n	9.9
CRITICAL	CVE-2026-27495	n8n: Code Injection enables RCE	n8n	9.9
HIGH	CVE-2026-27497	n8n: SQL Injection exposes database	n8n	8.8
HIGH	CVE-2026-27498	n8n: Code Injection enables RCE	n8n	8.8
CRITICAL	CVE-2026-27577	n8n: Code Injection enables RCE	n8n	9.9
MEDIUM	CVE-2026-27578	n8n: XSS enables session hijacking	n8n	5.4
HIGH	CVE-2022-35969	TensorFlow: DoS via malformed Conv2DBackpropInput	tensorflow	7.5
HIGH	CVE-2025-0649	TensorFlow Serving: JSON recursion DoS on inference API	tensorflow_serving	7.5
HIGH	CVE-2025-62164	vllm: Input Validation flaw enables exploitation	vllm	8.8

Page 1 of 12

Related AI Components

Framework Agent Model Inference Training Data RAG

API

Related AI Components

Weekly CISO Take + top threats