AI Threat Alert
Attack Type
Data Leakage
Data leakage vulnerabilities allow unauthorized access to sensitive data processed by AI systems — including PII in training data, API keys in prompts, or confidential information in model responses.
129
Total CVEs
7
Pages
Page 5 of 7
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2025-61917 | n8n: Info Disclosure leaks sensitive data | n8n | 7.7 |
| CRITICAL | CVE-2026-25052 | n8n: security flaw enables exploitation | n8n | 9.9 |
| UNKNOWN | CVE-2025-11203 | LiteLLM: Info Disclosure leaks sensitive data | - | |
| MEDIUM | CVE-2026-30886 | AI component: IDOR enables unauthorized data access | 6.5 | |
| MEDIUM | CVE-2026-28277 | langgraph: Deserialization enables RCE | langgraph | 6.8 |
| LOW | CVE-2026-25211 | llama-stack: security flaw enables exploitation | 3.2 | |
| MEDIUM | CVE-2025-68492 | chainlit: IDOR enables unauthorized data access | chainlit | 4.2 |
| HIGH | GHSA-9726-w42j-3qjr | picklescan: Path Traversal enables file access | picklescan | - |
| HIGH | CVE-2025-65958 | open-webui: SSRF allows internal network access | open-webui | 8.5 |
| HIGH | CVE-2025-64104 | langgraph-checkpoint-sqlite: SQL Injection exposes database | langgraph-checkpoint-sqlite | 7.3 |
| MEDIUM | CVE-2025-51481 | Dagster: path traversal exposes arbitrary file read via gRPC | 6.6 | |
| MEDIUM | CVE-2025-6211 | llama-index: DocugamiReader MD5 hash collision drops chunks | llama-index-readers-docugami | 6.5 |
| HIGH | CVE-2025-6209 | llama_index: path traversal allows arbitrary file read | llama-index-core | 7.5 |
| MEDIUM | CVE-2025-3044 | llama-index ArxivReader: MD5 collision corrupts training data | llama-index-readers-papers | 5.3 |
| HIGH | CVE-2025-3046 | LlamaIndex Obsidian: symlink traversal exposes host files | llama-index-readers-obsidian | 7.5 |
| CRITICAL | CVE-2025-1793 | llama_index: SQL injection in vector store integrations | llama-index | 9.8 |
| HIGH | CVE-2025-47783 | Label Studio: XSS enables unauthorized actions via CSRF | label-studio | - |
| CRITICAL | CVE-2025-32428 | jupyter-remote-desktop-proxy: VNC network exposure | jupyter-remote-desktop-proxy | - |
| HIGH | CVE-2025-46417 | picklescan: scanner bypass enables DNS data exfiltration | picklescan | - |
| MEDIUM | CVE-2024-7045 | open-webui: missing authz exposes admin prompts | open-webui | 4.3 |