AI Threat Alert
AI Component
API
AI API vulnerabilities affect the interfaces used to interact with language models and ML services — including authentication, rate limiting, input validation, and response handling.
225
Total CVEs
12
Pages
Page 12 of 12
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | GHSA-69x8-hrgq-fjj8 | LiteLLM: auth bypass chain enables full privilege escalation | litellm | - |
| MEDIUM | CVE-2026-39411 | LobeChat: auth bypass via forged XOR obfuscated header | @lobehub/lobehub | 5.0 |
| MEDIUM | CVE-2026-5803 | openai-realtime-ui: SSRF in API proxy endpoint | 6.3 | |
| MEDIUM | CVE-2026-1163 | lollms: sessions persist after password reset | lollms | 4.1 |
| HIGH | CVE-2026-40116 | PraisonAI: unauth WebSocket drains OpenAI API credits | praisonai | 7.5 |
Page 12 of 12