AI Weakness Enumeration

A comprehensive database and classification system for AI vulnerabilities. Helping researchers, developers, and organisations understand and mitigate risks in AI systems.

BrowseContributeLearn More

Our Mission

Comprehensive vulnerability tracking to help secure AI systems worldwide

We aim to create a comprehensive database and classification system for AI vulnerabilities, helping researchers, developers, and organisations understand and mitigate risks in AI systems.

Our standardised taxonomy enables systematic analysis and comparison of AI security issues, making it easier to identify patterns, share knowledge, and develop effective mitigation strategies.

By building this resource together as a community, we can better understand and address the evolving landscape of AI security challenges.

Comprehensive Database

A centralised repository of AI vulnerabilities, systematically catalogued and organised for easy discovery and analysis.

Standardised Classification

Consistent taxonomy and categorisation framework enabling systematic analysis and comparison of AI security issues.

Advanced Search

Powerful search capabilities to find vulnerabilities by type, model, severity, and other relevant criteria.

Community Driven

Built by and for the AI security community, with open contribution processes and transparent governance.

How to use AWE

  • Our Database is free to browse and use.
  • The Classification Taxonomies can be used separately to filter this database to identify specific vulnerabilities, for instance, vulnerabilities occurring pre-deployment or post-deployment or related to specific attack vectors.
  • The Classification Taxonomies can be used together to understand how different factors relate to each vulnerability type. For example, to identify the intentional and unintentional variations of specific vulnerability categories.
  • Offer feedback or suggest missing resources, or vulnerabilities, here.

We provide examples of use cases for some key audiences below.

  • For risk assessments to inform policy decisions.
  • As a way to monitor emergent vulnerabilities and ensure complete oversight.
  • To identify new, previously undocumented vulnerabilities.
  • To prioritise and plan funding.
  • To identify new, previously undocumented, vulnerabilities.
  • As a framework for discussing vulnerabilities and potential evaluations with clients.
  • As a basis for developing specific vulnerability determination criteria.
  • As a foundation for developing other classifications (e.g., the actions taken to address specific types of vulnerabilities, or the actors involved in those vulnerabilities).
  • To find underexplored areas of AI vulnerability research.
  • To develop material for education and training.
  • To help validate where they have identified new, previously undocumented, vulnerabilities.
  • To conduct internal vulnerability assessments.
  • To identify new, previously undocumented, vulnerabilities.
  • Evaluating vulnerability exposure and developing mitigation strategies.
  • To develop research and training.

Contribute to AWE

Help us build a comprehensive database of AI vulnerabilities. Your contributions make a difference in securing AI systems worldwide.

Guide For ContributorsSubmit a Vulnerability