AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs tracked: 1,140
Critical: 171
New this week: 228
In CISA KEV: 2
Latest AI Security Threats
Showing 50 of 167 results.

| Severity | ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| HIGH | CVE-2026-33497 | Langflow is a tool for building and deploying... | 7.5 | — | langflow | Mar 24 |
| CRITICAL | CVE-2026-33309 | Langflow is a tool for building and deploying... | 9.9 | — | langflow | Mar 24 |
| CRITICAL | CVE-2025-15031 | A vulnerability in MLflow's pyfunc extraction... | 9.1 | 0.0% | mlflow | Mar 18 |
| HIGH | CVE-2025-14287 | A command injection vulnerability exists in... | 7.5 | 0.1% | mlflow | Mar 16 |
| MEDIUM | GHSA-5cxw-w2xg-2m8h | fickling's `platform` module subprocess... | — | — | fickling | Mar 13 |
| MEDIUM | GHSA-r48f-3986-4f9c | fickling modules linecache, difflib and gc are... | — | — | fickling | Mar 13 |
| CRITICAL | CVE-2026-27825 | MCP Atlassian has an arbitrary file write leading... | 9.1 | 0.0% | mcp-atlassian | Mar 10 |
| HIGH | CVE-2026-27826 | MCP Atlassian has SSRF via unvalidated... | 8.2 | 0.1% | mcp-atlassian | Mar 10 |
| HIGH | GHSA-5r2p-pjr8-7fh7 | SageMaker Python SDK replaced eval() with safe... | — | — | sagemaker | Mar 5 |
| MEDIUM | CVE-2026-28277 | LangGraph checkpoint loading has unsafe msgpack... | 6.8 | 0.0% | langgraph | Mar 5 |
| HIGH | CVE-2026-25048 | xgrammar vulnerable to DoS via multi-layer nesting | — | 0.1% | xgrammar | Mar 5 |
| HIGH | GHSA-5hwf-rc88-82xm | Fickling missing RCE-capable modules in... | — | — | fickling | Mar 4 |
| HIGH | GHSA-wccx-j62j-r448 | Fickling has `always_check_safety()` bypass:... | — | — | fickling | Mar 4 |
| CRITICAL | GHSA-g38g-8gr9-h9xp | PickleScan has multiple stdlib modules with... | 9.8 | — | picklescan | Mar 3 |
| CRITICAL | GHSA-vvpj-8cmc-gx39 | PickleScan's pkgutil.resolve_name has a universal... | 10.0 | — | picklescan | Mar 3 |
| CRITICAL | GHSA-7wx9-6375-f5wh | PickleScan's profile.run blocklist mismatch... | 9.8 | — | picklescan | Mar 3 |
| MEDIUM | GHSA-mhc9-48gj-9gp3 | Fickling has safety check bypass via REDUCE+BUILD... | — | — | fickling | Feb 25 |
| HIGH | GHSA-mxhj-88fx-4pcv | Fickling: OBJ opcode call invisibility bypasses... | — | — | fickling | Feb 24 |
| CRITICAL | CVE-2026-2635 | MLflow Use of Default Password Authentication... | 9.8 | 0.7% | mlflow | Feb 20 |
| HIGH | CVE-2026-2033 | MLflow Tracking Server Artifact Handler Directory... | 8.1 | 9.2% | mlflow | Feb 20 |
| MEDIUM | CVE-2026-27482 | Ray dashboard DELETE endpoints allow... | 5.9 | 0.0% | ray | Feb 20 |
| LOW | GHSA-83pf-v6qq-pwmr | Fickling has a detection bypass via stdlib... | — | — | fickling | Feb 20 |
| CRITICAL | CVE-2026-26030 | Microsoft Semantic Kernel InMemoryVectorStore... | 10.0 | 0.1% | semantic-kernel | Feb 19 |
| HIGH | GHSA-97f8-7cmv-76j2 | Picklescan (scan_pytorch) Bypass via dynamic eval... | — | — | picklescan | Feb 18 |
| CRITICAL | CVE-2026-25592 | Semantic Kernel is an SDK used to build,... | 9.9 | 0.1% | semantic-kernel | Feb 6 |
| HIGH | CVE-2026-25580 | Pydantic AI is a Python agent framework for... | 8.6 | 0.0% | pydantic-ai | Feb 6 |
| MEDIUM | CVE-2026-25640 | Pydantic AI is a Python agent framework for... | 5.4 | 0.0% | pydantic-ai | Feb 6 |
| HIGH | CVE-2026-1777 | SageMaker Python SDK has Exposed HMAC | 7.2 | 0.0% | sagemaker | Feb 2 |
| MEDIUM | CVE-2026-1778 | SageMaker Python SDK has Insecure TLS... | 5.9 | 0.0% | sagemaker | Feb 2 |
| MEDIUM | GHSA-m7j5-r2p5-c39r | picklescan vulnerable to arbitrary file create... | — | — | picklescan | Feb 2 |
| HIGH | GHSA-9m3x-qqw2-h32h | picklescan missing detection by simple... | — | — | picklescan | Feb 2 |
| HIGH | CVE-2026-1117 | Lollms has an Improper Access Control... | 8.2 | 0.1% | lollms | Feb 2 |
| MEDIUM | CVE-2025-6208 | llama-index-core vulnerable to Uncontrolled... | 5.3 | 0.0% | llama-index-core | Feb 2 |
| HIGH | CVE-2025-10279 | In mlflow version 2.20.3, the temporary directory... | 7.0 | 0.0% | mlflow | Feb 2 |
| HIGH | CVE-2026-22219 | Chainlit contains a server-side request forgery... | 7.7 | 0.0% | chainlit | Jan 20 |
| HIGH | CVE-2026-0897 | Google Keras Allocates Resources Without Limits... | — | 0.0% | keras | Jan 15 |
| MEDIUM | CVE-2025-68492 | Chainlit contains an authorization bypass... | 4.2 | 0.0% | chainlit | Jan 14 |
| HIGH | CVE-2025-14279 | MLFlow versions up to and including 3.4.0 are... | 8.1 | 0.0% | mlflow | Jan 12 |
| HIGH | CVE-2026-22612 | Fickling vulnerable to detection bypass due to... | — | 0.1% | fickling | Jan 9 |
| HIGH | CVE-2026-22609 | Fickling has Static Analysis Bypass via... | — | 0.1% | fickling | Jan 9 |
| HIGH | CVE-2026-22608 | Fickling vulnerable to use of ctypes and pydoc... | — | 0.0% | fickling | Jan 9 |
| HIGH | CVE-2026-22607 | Fickling Blocklist Bypass: cProfile.run() | — | 0.1% | fickling | Jan 9 |
| HIGH | CVE-2026-22606 | Fickling has a bypass via runpy.run_path() and... | — | 0.1% | fickling | Jan 9 |
| HIGH | GHSA-mcmc-2m55-j8jj | vLLM introduced enhanced protection for... | 8.8 | — | vllm | Jan 8 |
| HIGH | GHSA-9726-w42j-3qjr | picklescan has Arbitrary file read using... | — | — | picklescan | Jan 8 |
| MEDIUM | CVE-2026-21851 | MONAI has Path Traversal (Zip Slip) in NGC... | 5.3 | 0.0% | monai | Jan 6 |
| HIGH | GHSA-46h3-79wf-xr6c | Picklescan is vulnerable to RCE via missing... | — | — | picklescan | Dec 30 |
| HIGH | GHSA-955r-x9j8-7rhh | Picklescan is vulnerable to RCE via missing... | — | — | picklescan | Dec 30 |
| MEDIUM | GHSA-6556-fwc2-fg2p | Picklescan is vulnerable to RCE through missing... | — | — | picklescan | Dec 30 |
| HIGH | GHSA-rrxm-2pvv-m66x | Picklescan is vulnerable to RCE via missing... | — | — | picklescan | Dec 30 |