Free Report · Threat Intelligence
AI/ML Stack Security Report — H1 2026
The Top 10 packages with active exploits and unpatched critical CVEs. Ranked by active exploitation, not by CVE count. Built by a practicing CISO.
We track 1,783 CVEs affecting AI/ML packages. 44% have public exploit code; 17 are in CISA KEV (actively exploited in the wild). This report ranks the 10 packages most under attack right now — and shows why the framework you adopted last year (Langflow, n8n, LiteLLM, Ollama) is a bigger exposure than the ML library you have run for a decade.
6-page PDF delivered to your inbox in under 60 seconds. By submitting, you agree to receive the report and occasional AI security updates. Unsubscribe in one click, anytime.
What's inside
The Top 10, ranked by active risk
Each package with its CVE count, criticals, CISA KEV entries, public-exploit availability, peak EPSS score, H1 2026 disclosures, and production exposure — plus a CISO Take on what to actually do about it.
Active exploitation, not CVE count
A proprietary risk score blends KEV status, EPSS, public-exploit availability, recency, and exposure. It surfaces where attackers are active now, which is why Langflow outranks TensorFlow despite having roughly a tenth as many CVEs.
Mapped to your risk register
A compliance section maps the findings to ISO 42001 and EU AI Act Articles 9 & 15, plus OWASP Top 10 for LLMs — so the data drops straight into your AI risk register and audit evidence.
What you'll see
Six pages, table-heavy, no filler. Built directly from the data — every number is traceable to its public source.
- 1 Executive summary — the headline numbers plus three takeaways for a CISO (1,783 CVEs · 17 KEV)
- 2 Methodology — data sources, scoring, and the H1-vs-H2 coverage caveat, stated honestly (NVD · KEV · EPSS)
- 3 Top 10 packages ranked by active risk — the core table plus per-package CISO Takes (risk score 0–100)
- 4 Key threat patterns in H1 2026 — where the surface is shifting: agents, frameworks, network-reachable defaults (by category)
- 5 Compliance implications — mapped to ISO 42001 / EU AI Act Art. 9 & 15 / OWASP LLM Top 10 (risk register)
- 6 Recommended actions — five immediate moves if you run any of the Top 10 (patch · isolate · monitor)
Who this is for — and who it is not
This is for you if
- You are a CISO, Head of Security, or security engineer at an organisation running AI/ML in production
- Your teams use LLM frameworks, agents, inference servers, or ML ops tooling (LangChain, Ollama, MLflow, vLLM, n8n…)
- You need to know which packages are under active attack right now — not a list of 1,783 CVEs
- You report AI risk into ISO 42001 / EU AI Act / OWASP LLM Top 10 and need defensible evidence
- You want a self-contained briefing you can read in 10 minutes, not a sales call
This is not for you if
- You don't run any AI/ML packages — this is stack-specific, not general AI policy
- You want a model-safety / prompt-injection red-team guide — that is a different document
- You are looking for a vendor comparison one-pager — this is an operational threat briefing
About this report
AI Threat Alert is the only operational threat-intelligence platform dedicated to the AI/ML stack. The report is a static snapshot of a live system that tracks 1,783+ AI/ML CVEs, CISA KEV status, EPSS scores, and public-exploit availability across 125+ packages — updated continuously by automated scrapers and curated by a practicing CISO. The platform turns this snapshot into stack-filtered breaking alerts: tell it the packages you run, and it notifies you the moment a critical or actively-exploited CVE affects one of them.
Questions
What's actually in the report?
A 6-page PDF: executive summary, methodology, the Top 10 packages ranked by active exploitation (each with CVE count, criticals, CISA KEV status, public-exploit availability, peak EPSS, and a CISO Take), the H1 2026 threat patterns, a compliance mapping, and five recommended actions. Delivered to your inbox immediately. No sales call, no demo request.
Where does the data come from?
NVD, GitHub Advisory Database, CISA KEV, FIRST EPSS, OSV, Nuclei templates, and public PoC trackers. Every CVE is cross-validated against NVD before inclusion. The figures are direct counts from the AI Threat Alert database as of 30 May 2026.
How is this different from running a CVE scanner?
A generic scanner ranks by CVE count or CVSS. This report ranks by active exploitation — a risk score that blends KEV status, EPSS, public-exploit availability, recency, and production exposure. That is why TensorFlow (434 CVEs but zero in KEV, peak EPSS 1.5%) ranks below Langflow (43 CVEs but 4 in KEV, peak EPSS 92.6%). Volume is a misleading risk signal; this corrects for it.
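The following is an added illustration of the ranking principle described above, not the report's proprietary formula, which this page does not publish. The weights, the recency window, the "network-reachable default" flag, and the public-exploit flags are assumptions; the CVE counts, KEV counts and peak EPSS values for TensorFlow and Langflow are the figures quoted on this page, and the third package is constructed. It shows how a score that ignores raw CVE volume inverts the order a count-based scanner would produce.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class PackageSignals:
    """Per-package signals of the kind the report lists for each Top 10 entry."""
    name: str
    cve_count: int                    # total CVEs tracked against the package
    kev_count: int                    # CVEs listed in CISA KEV (exploited in the wild)
    public_exploit: bool              # public PoC / Nuclei template available (assumed here)
    peak_epss: float                  # highest EPSS probability across its CVEs, 0..1
    days_since_last_disclosure: int   # recency signal (constructed values below)
    network_reachable_default: bool   # listens on the network out of the box (assumed)


# Assumed weights: KEV dominates, EPSS scales with probability, the rest are flat bonuses.
W_KEV, W_EPSS, W_EXPLOIT, W_RECENCY, W_EXPOSURE = 40, 25, 15, 10, 10


def score_breakdown(p: PackageSignals) -> dict[str, float]:
    """Return each signal's contribution so the score is explainable in a risk register."""
    # Linear decay over one year; disclosures older than that contribute nothing.
    recency = max(0.0, 1.0 - p.days_since_last_disclosure / 365)
    return {
        "kev": float(W_KEV) if p.kev_count > 0 else 0.0,
        "epss": W_EPSS * p.peak_epss,
        "public_exploit": float(W_EXPLOIT) if p.public_exploit else 0.0,
        "recency": W_RECENCY * recency,
        "exposure": float(W_EXPOSURE) if p.network_reachable_default else 0.0,
    }


def active_risk_score(p: PackageSignals) -> float:
    """0-100 score. Note that cve_count is deliberately not an input."""
    return round(min(100.0, sum(score_breakdown(p).values())), 1)


def rank_by_active_risk(pkgs: list[PackageSignals]) -> list[str]:
    return [p.name for p in sorted(pkgs, key=active_risk_score, reverse=True)]


def rank_by_cve_count(pkgs: list[PackageSignals]) -> list[str]:
    """What a volume-based scanner would produce."""
    return [p.name for p in sorted(pkgs, key=lambda p: p.cve_count, reverse=True)]


# Constructed sample: TensorFlow/Langflow counts and peak EPSS are the page's figures;
# exploit, recency and exposure fields are assumptions; the third package is invented.
SAMPLE = [
    PackageSignals("TensorFlow", 434, 0, True, 0.015, 200, False),
    PackageSignals("Langflow", 43, 4, True, 0.926, 30, True),
    PackageSignals("example-ml-lib", 120, 0, False, 0.004, 400, False),
]

if __name__ == "__main__":
    for p in sorted(SAMPLE, key=active_risk_score, reverse=True):
        print(f"{p.name:16} cves={p.cve_count:4} score={active_risk_score(p):5} {score_breakdown(p)}")
    print("by active risk:", rank_by_active_risk(SAMPLE))
    print("by CVE count:  ", rank_by_cve_count(SAMPLE))
```

Keeping the per-signal breakdown alongside the score is what makes the ranking defensible to an auditor: the entry for a package can cite which KEV listing and which EPSS value drove it, rather than a bare number.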
Get the report
The 6-page H1 2026 AI/ML Stack Security Report, free. Delivered immediately. Unsubscribe in one click.
Document classification: Public. TLP:CLEAR. Version 1.0 — 2026-05-30. Owner: Enrique Maza, AI Threat Alert.
Figures are point-in-time (cut-off 30 May 2026) and verifiable against the cited public sources (NVD, GitHub Advisory, CISA KEV, FIRST EPSS). This report is informational and does not constitute security or legal advice.