AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked: 1,140
Critical: 171
New This Week: 228
In CISA KEV: 2
Latest AI Security Threats
Showing 50 of 524 results (filter: High severity)

Severity | CVE ID | Summary | CVSS | EPSS | Package | Date
HIGH | CVE-2026-33497 | Langflow is a tool for building and deploying... | 7.5 | — | langflow | Mar 24
HIGH | CVE-2026-33484 | Langflow is a tool for building and deploying... | 7.5 | — | langflow | Mar 24
HIGH | CVE-2026-33053 | Langflow is a tool for building and deploying... | 8.8 | 0.0% | langflow | Mar 20
HIGH | CVE-2026-33236 | NLTK has a Downloader Path Traversal... | 8.1 | 0.0% | — | Mar 19
HIGH | CVE-2026-33155 | DeepDiff has Memory Exhaustion DoS through... | — | 0.0% | — | Mar 18
HIGH | CVE-2025-14287 | A command injection vulnerability exists in... | 7.5 | 0.1% | mlflow | Mar 16
HIGH | CVE-2026-27826 | MCP Atlassian has SSRF via unvalidated... | 8.2 | 0.1% | mcp-atlassian | Mar 10
HIGH | GHSA-5r2p-pjr8-7fh7 | SageMaker Python SDK replaced eval() with safe... | — | — | sagemaker | Mar 5
HIGH | CVE-2026-25048 | xgrammar vulnerable to DoS via multi-layer nesting | — | 0.1% | xgrammar | Mar 5
HIGH | CVE-2026-25750 | Langchain Helm Charts are Helm charts for... | 8.1 | — | langsmith | Mar 4
HIGH | GHSA-5hwf-rc88-82xm | Fickling missing RCE-capable modules in... | — | — | fickling | Mar 4
HIGH | GHSA-wccx-j62j-r448 | Fickling has `always_check_safety()` bypass:... | — | — | fickling | Mar 4
HIGH | CVE-2026-27905 | BentoML is a Python library for building online... | 7.8 | 0.0% | bentoml | Mar 3
HIGH | CVE-2026-28416 | Gradio is an open-source Python package designed... | 8.6 | 0.0% | gradio | Feb 27
HIGH | CVE-2026-28414 | Gradio is an open-source Python package designed... | 7.5 | 0.0% | gradio | Feb 27
HIGH | CVE-2026-27498 | n8n is an open source workflow automation... | 8.8 | — | n8n | Feb 25
HIGH | CVE-2026-27497 | n8n is an open source workflow automation... | 8.8 | — | n8n | Feb 25
HIGH | GHSA-mxhj-88fx-4pcv | Fickling: OBJ opcode call invisibility bypasses... | — | — | fickling | Feb 24
HIGH | CVE-2026-2033 | MLflow Tracking Server Artifact Handler Directory... | 8.1 | 9.2% | mlflow | Feb 20
HIGH | CVE-2026-2472 | Google Cloud Vertex AI SDK affected by Stored... | — | 0.1% | — | Feb 20
HIGH | CVE-2026-26286 | SillyTavern is a locally installed user interface... | 8.5 | — | — | Feb 19
HIGH | GHSA-97f8-7cmv-76j2 | Picklescan (scan_pytorch) Bypass via dynamic eval... | — | — | picklescan | Feb 18
HIGH | CVE-2026-1669 | Arbitrary file read in the model loading... | 7.5 | 0.0% | keras | Feb 11
HIGH | CVE-2026-25580 | Pydantic AI is a Python agent framework for... | 8.6 | 0.0% | pydantic-ai | Feb 6
HIGH | CVE-2026-21893 | n8n is an open source workflow automation... | 7.2 | — | n8n | Feb 4
HIGH | CVE-2026-25056 | n8n is an open source workflow automation... | 8.8 | — | n8n | Feb 4
HIGH | CVE-2026-25055 | n8n is an open source workflow automation... | 8.1 | — | n8n | Feb 4
HIGH | CVE-2025-61917 | n8n is an open source workflow automation... | 7.7 | — | n8n | Feb 4
HIGH | CVE-2026-1777 | SageMaker Python SDK has Exposed HMAC | 7.2 | 0.0% | sagemaker | Feb 2
HIGH | GHSA-9m3x-qqw2-h32h | picklescan missing detection by simple... | — | — | picklescan | Feb 2
HIGH | CVE-2026-1117 | Lollms has an Improper Access Control... | 8.2 | 0.1% | lollms | Feb 2
HIGH | CVE-2026-0599 | A vulnerability in... | 7.5 | 0.2% | — | Feb 2
HIGH | CVE-2025-10279 | In mlflow version 2.20.3, the temporary directory... | 7.0 | 0.0% | mlflow | Feb 2
HIGH | CVE-2026-24780 | AutoGPT is a platform that allows users to... | 8.8 | 0.1% | — | Jan 29
HIGH | CVE-2026-24779 | vLLM is an inference and serving engine for large... | 7.1 | 0.0% | vllm | Jan 27
HIGH | CVE-2026-24747 | PyTorch is a Python package that provides tensor... | 8.8 | 0.0% | pytorch | Jan 27
HIGH | CVE-2026-0770 | Langflow exec_globals Inclusion of Functionality... | — | 11.4% | langflow | Jan 23
HIGH | CVE-2025-65098 | Typebot is an open-source chatbot builder. In... | 7.4 | — | — | Jan 22
HIGH | CVE-2026-21852 | Claude Code is an agentic coding tool. Prior to... | 7.5 | — | claude_code | Jan 21
HIGH | CVE-2025-66960 | An issue in ollama v.0.12.10 allows a remote... | 7.5 | — | ollama | Jan 21
HIGH | CVE-2025-66959 | An issue in ollama v.0.12.10 allows a remote... | 7.5 | — | ollama | Jan 21
HIGH | CVE-2025-33233 | NVIDIA Merlin Transformers4Rec for all platforms... | 7.8 | — | — | Jan 20
HIGH | CVE-2026-22219 | Chainlit contain a server-side request forgery... | 7.7 | 0.0% | chainlit | Jan 20
HIGH | CVE-2026-0897 | Google Keras Allocates Resources Without Limits... | — | 0.0% | keras | Jan 15
HIGH | CVE-2025-15514 | Ollama 0.11.5-rc0 through current version 0.13.5... | 7.5 | — | ollama | Jan 12
HIGH | CVE-2024-58340 | LangChain versions up to and including 0.3.1... | 7.5 | — | langchain | Jan 12
HIGH | CVE-2024-58339 | LlamaIndex (run-llama/llama_index) versions up to... | 7.5 | — | llamaindex | Jan 12
HIGH | CVE-2024-14021 | LlamaIndex (run-llama/llama_index) versions up to... | 7.8 | — | llamaindex | Jan 12
HIGH | CVE-2026-22033 | Label Studio is vulnerable to full account... | — | 0.0% | label-studio | Jan 12
HIGH | CVE-2025-14279 | MLFlow versions up to and including 3.4.0 are... | 8.1 | 0.0% | mlflow | Jan 12

Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.