Language Model Security DB
A curated hub for security-relevant model issues, integration weaknesses, and recurring attack classes across the AI ecosystem.
Conflating product flaws, model behavior, and supply chain failures.
Losing organizational memory on AI-specific weaknesses.
Underestimating recurring attack classes because incidents look different on the surface.
Built For
Researchers tracking repeated AI attack classes.
Teams building internal threat knowledge around models and integrations.
Engineers who need a map of patterns, not just one-off headlines.
Use Cases
Use the page as a hub into advisories, research, and recurring issue classes.
Track the difference between model bugs, integration bugs, and deployment bugs.
Create a shared vocabulary for AI security review.
Related Content
OWASP Top 10 for LLMs: The Definitive Guide to AI Vulnerabilities
Explore the official OWASP Top 10 for Large Language Models (LLMs). From Prompt Injection to Supply Chain Attacks, learn how to secure your enterprise...
AI Safety vs. AI Security: Understanding the Fundamental Differences in Enterprise ML
Discover the critical distinctions between AI Safety (protecting humans from AI) and AI Security (protecting AI from malicious threat actors and hackers).
AI Supply Chain Attacks: The Hidden Trojans Inside Open-Source LLMs
Discover the severe threat of AI Supply Chain attacks via platforms like Hugging Face. How attackers leverage Pickle payloads and backdoored...
Related Advisories
Unauthenticated Remote Code Execution via Arbitrary Command Injection in MCPHub Server Registration
MCPHub accepts attacker-controlled command and args values during server registration and spawns them through STDIO, enabling full remote code execution on the host.
Authentication Bypass via skipAuth Configuration Grants Full Admin Access in MCPHub
When skipAuth is enabled, MCPHub bypasses both authentication and admin authorization checks, allowing any unauthenticated user to access privileged API functionality.
Frequently Asked Questions
Is this already a searchable database?
Not yet. In this phase it is a curated resource hub with room to become a deeper searchable system later.
Why create this separately from the blog?
Because practitioners often need an attack-class map, not just a chronological stream of posts.
Need help validating this attack surface?
Talk with Eresus Security about scoped testing, threat modeling, and remediation priorities for this workflow.