Attack Type

Code Execution

Remote code execution (RCE) vulnerabilities in AI frameworks allow attackers to execute arbitrary code on servers running ML inference, training pipelines, or AI agent frameworks.

643

Total CVEs

Pages

Page 29 of 33

Current

Severity	CVE	Headline	Package	CVSS
HIGH	CVE-2026-33744	BentoML: command injection in bentofile.yaml containerize	bentoml	7.8
CRITICAL	CVE-2026-33660	TensorFlow: type confusion NPD in tensor conversion	n8n	10.0
HIGH	CVE-2026-33665	n8n: LDAP email match enables permanent account takeover	n8n	8.2
HIGH	CVE-2026-33696	n8n: Prototype pollution enables RCE via workflow nodes	n8n	8.8
HIGH	CVE-2026-33713	n8n: SQLi in Data Table node, full DB compromise	n8n	8.8
CRITICAL	CVE-2026-33749	n8n: stored XSS enables credential theft via workflow	n8n	9.0
CRITICAL	GHSA-5mg7-485q-xm76	litellm: supply chain attack harvests AI API credentials	litellm	-
MEDIUM	GHSA-h8r8-wccr-v5f2	DOMPurify: mXSS bypass achieves XSS via parse-context switch		-
HIGH	CVE-2026-33989	@mobilenext/mobile-mcp: path traversal via AI agent tool		8.1
MEDIUM	GHSA-364x-8g5j-x2pr	n8n: stored XSS via malicious OAuth2 Authorization URL	n8n	5.4
MEDIUM	GHSA-3c7f-5hgj-h279	n8n: Stored XSS in Chat Trigger via CSS injection	n8n	5.4
CRITICAL	CVE-2025-15036	MLflow: path traversal enables sandbox escape, file overwrite	mlflow	9.6
CRITICAL	CVE-2025-15379	MLflow: RCE via unsanitized model dependency specs	mlflow	10.0
UNKNOWN	CVE-2026-2275	CrewAI: RCE via Docker fallback in CodeInterpreter		-
UNKNOWN	CVE-2026-2287	CrewAI: Docker sandbox fallback enables RCE		-
CRITICAL	GHSA-955r-262c-33jc	telnyx: PyPI supply chain attack steals cloud creds		-
HIGH	GHSA-m3mh-3mpg-37hw	OpenClaw: .npmrc hijack enables RCE on plugin install	openclaw	8.6
CRITICAL	CVE-2026-0596	MLflow: command injection via model_uri in mlserver mode		9.6
UNKNOWN	CVE-2026-22561	Claude Setup: DLL search-order hijacking LPE		-
MEDIUM	CVE-2026-34451	anthropic-ai/sdk: memory tool path traversal escape	@anthropic-ai/sdk	-

Page 29 of 33

Previous Next

Related Attack Types

Prompt Injection Data Extraction Jailbreak Supply Chain Model Poisoning Adversarial Examples

Code Execution

Related Attack Types

Weekly CISO Take + top threats