AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,140

AI/ML CVEs Tracked

171

Critical

228

New This Week

In CISA KEV

Weekly CISO Take + top threats

Get the week's most critical AI security threats delivered every Monday. Free, no spam.

Sort: Date CVSS EPSS KEV first

Filter: All Critical High Medium KEV only Has patch No patch

Latest AI Security Threats

Showing 50 of 311 results — Medium severity, no patch

Severity CVE ID Summary CVSS EPSS Package Date

MEDI CVE-2026-30886 New API is a large language mode (LLM) gateway... 6.5 — — Mar 23 MEDI CVE-2026-4538 A vulnerability was identified in PyTorch 2.10.0.... 5.3 — — Mar 22 MEDI CVE-2026-2589 The Greenshift – animation and page builder... 5.3 — — Mar 6 MEDI CVE-2026-28415 Gradio is an open-source Python package designed... 4.7 0.0% gradio Feb 27 MEDI CVE-2026-27167 Gradio is an open-source Python package designed... 5.9 0.0% gradio Feb 27 MEDI CVE-2026-27578 n8n is an open source workflow automation... 5.4 — n8n Feb 25 MEDI CVE-2026-27794 LangGraph: BaseCache Deserialization of Untrusted... 6.6 0.3% — Feb 25 MEDI CVE-2026-27795 LangChain is a framework for building LLM-powered... 4.1 — — Feb 25 MEDI CVE-2025-12343 A flaw was found in FFmpeg’s TensorFlow backend... 5.5 — — Feb 18 MEDI CVE-2026-26019 LangChain is a framework for building LLM-powered... 4.1 — langchain_community Feb 11 MEDI CVE-2026-25631 n8n is an open source workflow automation... 6.5 — n8n Feb 6 MEDI CVE-2026-25054 n8n is an open source workflow automation... 5.4 — n8n Feb 4 MEDI CVE-2026-25051 n8n is an open source workflow automation... 5.4 — n8n Feb 4 MEDI GHSA-gpx9-96j6-pp87 TaskWeaver has Protection Mechanism Failure and... 6.5 — — Jan 28 MEDI CVE-2026-24123 BentoML is a Python library for building online... 6.5 0.0% bentoml Jan 26 MEDI CVE-2025-68949 n8n is an open source workflow automation... 5.3 — n8n Jan 13 MEDI CVE-2025-14980 The BetterDocs plugin for WordPress is vulnerable... 6.5 — — Jan 9 MEDI CVE-2026-21894 n8n is an open source workflow automation... 6.5 — n8n Jan 8 MEDI CVE-2025-14371 The Tag, Category, and Taxonomy Manager – AI... 4.3 — — Jan 6 MEDI CVE-2025-68697 n8n is an open source workflow automation... 5.4 — n8n Dec 26 MEDI CVE-2025-61914 n8n is an open source workflow automation... 5.4 — n8n Dec 26 MEDI CVE-2025-67743 Local Deep Research is Vulnerable to Server-Side... 6.3 0.0% — Dec 23 MEDI CVE-2025-68477 Langflow is a tool for building and deploying... 6.5 0.0% langflow Dec 19 MEDI CVE-2025-63390 An authentication bypass vulnerability exists in... 5.3 — — Dec 18 MEDI CVE-2025-13922 The Tag, Category, and Taxonomy Manager – AI... 6.5 — — Dec 6 MEDI CVE-2025-13359 The Tag, Category, and Taxonomy Manager – AI... 6.5 — — Dec 3 MEDI CVE-2025-13354 The Tag, Category, and Taxonomy Manager – AI... 4.3 — — Dec 3 MEDI CVE-2025-62426 vLLM is an inference and serving engine for large... 6.5 0.1% vllm Nov 21 MEDI CVE-2025-62372 vLLM is an inference and serving engine for large... 6.5 0.1% vllm Nov 21 MEDI CVE-2025-12732 The WP Import – Ultimate CSV XML Importer for... 4.3 — — Nov 12 MEDI CVE-2025-11972 The Tag, Category, and Taxonomy Manager – AI... 4.9 — — Nov 8 MEDI CVE-2025-12360 The Better Find and Replace – AI-Powered... 4.3 — — Nov 6 MEDI CVE-2025-12695 The overly permissive sandbox configuration in... 5.9 0.0% — Nov 4 MEDI CVE-2025-11844 Hugging Face Smolagents version 1.20.0 contains... 5.4 0.0% smolagents Oct 22 MEDI CVE-2025-60511 Moodle OpenAI Chat Block plugin 3.0.1... 4.3 — — Oct 21 MEDI CVE-2025-55556 TensorFlow v2.18.0 was discovered to output... 6.5 — tensorflow Sep 25 MEDI CVE-2025-55554 pytorch v2.8.0 was discovered to contain an... 5.3 — pytorch Sep 25 MEDI CVE-2025-46153 PyTorch before 3.7.0 has a bernoulli_p decompose... 5.3 — pytorch Sep 25 MEDI CVE-2025-46152 In PyTorch before 2.7.0, bitwise_right_shift... 5.3 — pytorch Sep 25 MEDI CVE-2025-46150 In PyTorch before 2.7.0, when torch.compile is... 5.3 — pytorch Sep 25 MEDI CVE-2025-46149 In PyTorch before 2.7.0, when inductor is used,... 5.3 — pytorch Sep 25 MEDI CVE-2025-46148 In PyTorch through 2.6.0, when eager is used,... 5.3 — pytorch Sep 25 MEDI CVE-2025-58177 n8n is an open source workflow automation... 5.4 — n8n Sep 15 MEDI CVE-2025-6051 A Regular Expression Denial of Service (ReDoS)... 5.3 0.0% transformers Sep 14 MEDI CVE-2025-57749 n8n is a workflow automation platform. Before... 6.5 — n8n Aug 20 MEDI CVE-2025-52478 n8n is a workflow automation platform. From... 5.4 — n8n Aug 19 MEDI CVE-2025-54952 ExecuTorch integer overflow vulnerability leads... — 0.2% executorch Aug 8 MEDI CVE-2025-44779 An issue in Ollama v0.1.33 allows attackers to... 6.6 — ollama Aug 7 MEDI CVE-2025-5197 A Regular Expression Denial of Service (ReDoS)... 5.3 0.0% transformers Aug 6 MEDI GHSA-r54c-2xmf-2cf3 MS SWIFT Deserialization RCE Vulnerability — — — Jul 31

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial