Intelligence Database · Est. 2026 · Open Access
NVD tracks what's in your servers. AIVulnDB tracks what's in your tools. Copilot, Cursor, ChatGPT, Gemini, Claude — every documented vulnerability, structured and searchable.
Get notified at launch
No spam. Launch announcement only. Unsubscribe anytime.
Attack Vector Taxonomy
Traditional CVE vectors — network, adjacent, local, physical — don't capture how AI tool vulnerabilities work. We built a taxonomy that does.
[PI]
Prompt Injection
Malicious instructions embedded in user input or retrieved content override the AI tool's intended behavior.
[TDP]
Training Data Poisoning
Adversarially crafted content introduced into training pipelines causes models to learn and reproduce malicious behaviors.
[MCP]
MCP Exploitation
Malicious Model Context Protocol tool definitions escalate privileges or exfiltrate data through trusted agent channels.
[PCL]
Plugin Context Leakage
Session state, memory, or conversation context bleeds across users or sessions through shared plugin infrastructure.
[IPI]
Indirect Prompt Injection
Instructions hidden in external content — files, emails, web pages — are processed by the AI and alter its behavior without user knowledge.
[MI]
Model Inversion
Repeated probing extracts memorized training data — PII, credentials, proprietary code — from a model's weights.
Status: Building
Open access. No paywall. Sourced from NVD, vendor advisories, and published security research.
Join the waitlist
No spam. Launch announcement only.