AI Component

API

AI APIs are the boundary between the application and the model. Self-hosted inference servers (vLLM, Triton, Ollama, TGI) and third-party gateways (LiteLLM, OpenRouter) expose OpenAI-compatible endpoints, and the same web-app vulnerability classes appear here: missing or weak authentication on /v1/chat/completions, broken authorization between tenants, lack of rate limiting that lets an attacker drain quota or burn GPU time, and overly permissive CORS that leaks API keys from browser-side calls. The blast radius is unusual: a single auth-bypass on an inference endpoint exposes both data and compute, and in the case of paid hosted models, directly costs money. We have seen production CVEs across most popular self-hosted servers in the last 18 months. Defenses: require auth on every endpoint, per-tenant rate limits, separate key scopes for read vs admin, and pin server versions aggressively.

486
Total CVEs
25
Pages
Page 24 of 25
Current
Severity CVE CVSS
CRITICAL CVE-2026-50027 9.8
MEDIUM CVE-2026-58653 4.3
HIGH GHSA-qjpc-qf9m-xwmr 8.8
HIGH GHSA-rggc-m335-3wvj -
HIGH CVE-2026-45499 8.8
HIGH CVE-2026-33845 7.5
MEDIUM CVE-2026-14898 6.5
CRITICAL GHSA-vjc7-jrh9-9j86 10.0
MEDIUM CVE-2026-55438 5.8
HIGH CVE-2026-55436 7.4
MEDIUM CVE-2026-55435 5.4
MEDIUM CVE-2026-55434 6.5
MEDIUM CVE-2026-55078 6.5
MEDIUM CVE-2026-55430 5.8
HIGH CVE-2026-55429 8.7
HIGH CVE-2026-55076 7.4
MEDIUM CVE-2026-34225 4.3
HIGH CVE-2026-48957 8.8
HIGH CVE-2026-53518 8.1
CRITICAL CVE-2026-59706 9.3

Page 24 of 25