Approximately 70% of cloud AI workloads contain at least one unremediated vulnerability

Tenable Research found CVE-2023-38545—a critical curl vulnerability—in 30% of cloud AI workloads

Machine learning-based discovery tools often identify 31% more API endpoints than those reported by enterprises.

21.5% of AI vulnerabilities are indirectly tied to APIs, including flaws in third-party integrations.

AI vulnerabilities increased by 1,025% from 2023 to 2024.

Over 50% of exploits in CISA’s Known Exploited Vulnerabilities (KEV) report were API-related in 2024, up from 20% in 2023.

77.4% of API-related vulnerabilities in AI products are directly API-related, such as weak API authentication, inadequate rate limiting, and broken access controls.

Only 1.1% of the vulnerabilities in AI products were entirely unrelated to APIs.

98.9% of AI vulnerabilities are API related.