Vulnerability Database

A comprehensive database of disclosed vulnerabilities in agentic AI systems, mapped to threats and mitigations with developer-focused analysis.

Total Vulnerabilities: 4
Critical: 1
High: 2
Fixed: 1

Prompt Injection in LLM API

CVE-2024-001

Unvalidated user input allows prompt injection attacks against the language model.

Tags: Prompt Injection, LLM, API
Affected Components: LLM Components, API Gateway
Severity: High
Status: Open
CVSS Score: 8.5
Discovered: 2024-01-15

Model Poisoning via Training Data

CVE-2024-002

Malicious training data can poison the model and cause biased outputs.

Tags: Model Poisoning, Training, Data
Affected Components: Training Pipeline, Data Validation
Severity: Critical
Status: Investigating
CVSS Score: 9.1
Discovered: 2024-01-10

Insufficient Access Controls

CVE-2024-003

Missing role-based access controls allow unauthorized access to AI system endpoints.

Tags: Access Control, Authorization, API
Affected Components: Access Control, Authentication
Severity: Medium
Status: Fixed
CVSS Score: 6.5
Discovered: 2024-01-05

Model Extraction Attack

CVE-2024-004

Adversaries can extract the trained model through repeated API queries.

Tags: Model Extraction, API, Privacy
Affected Components: Model Serving, Rate Limiting
Severity: High
Status: Open
CVSS Score: 7.8
Discovered: 2024-01-12