Live production AI watch - 5 July 2026

What operators should check this week.

PAI Watch joins the public AI record with known exploited vulnerabilities, vendor changes, model and tool releases, incidents, and evidence-backed operator signals.

Priority read

The first six checks.

These are not recommendations to panic. They are the records and exploited items most likely to change an operator conversation this week.

incidents

FedRAMP workspace functionality degradation

Multiple features in FedRAMP workspaces are experiencing issues: Codex, workspace analytics, conversation search, custom GPT search, ChatGPT user invites, and Compliance Logs Platform download endpoint. Core functionality has been restored but known ongoing issues remain under investigation.

Operator read: Check dependency exposure, fallback plans, customer commitments, and incident communications tied to this provider or service.
Open source trail ->
security

CVE-2026-45659: Microsoft SharePoint Server

Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability

Operator read: Review any AI workload, notebook, model-serving, or developer-tool exposure before relying on the affected component.
Open source trail ->
incidents

Project status change failures in multiple regions

Compute capacity degradation affecting project restart and resize operations across 16 regions since June 30. Error rates are trending down with improved availability for smaller compute sizes. Upgrading to Postgres 17.6.1.121 or higher provides access to additional machine types.

Operator read: Check dependency exposure, fallback plans, customer commitments, and incident communications tied to this provider or service.
Open source trail ->
security

CVE-2026-48558: SimpleHelp SimpleHelp

SimpleHelp Authentication Bypass Vulnerability

Operator read: Review any AI workload, notebook, model-serving, or developer-tool exposure before relying on the affected component.
Open source trail ->
security

CVE-2026-12569: PTC Windchill and FlexPLM

PTC Windchill and FlexPLM Improper Input Validation Vulnerability

Operator read: Review any AI workload, notebook, model-serving, or developer-tool exposure before relying on the affected component.
Open source trail ->
security

CVE-2026-20230: Cisco Unified Communications Manager

Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability

Operator read: Review any AI workload, notebook, model-serving, or developer-tool exposure before relying on the affected component.
Open source trail ->

Incidents and outages

Service failures, degraded AI systems, and operational events with a source trail.

incident
1 July 2026

FedRAMP workspace functionality degradation

Multiple features in FedRAMP workspaces are experiencing issues: Codex, workspace analytics, conversation search, custom GPT search, ChatGPT user invites, and Compliance Logs Platform download endpoint. Core functionality has been restored but known ongoing issues remain under investigation.

incident95%2 sourcesD4
Open the incident record and confirm affected services.
incident
30 June 2026

Project status change failures in multiple regions

Compute capacity degradation affecting project restart and resize operations across 16 regions since June 30. Error rates are trending down with improved availability for smaller compute sizes. Upgrading to Postgres 17.6.1.121 or higher provides access to additional machine types.

incident95%2 sourcesD4
Open the incident record and confirm affected services.
incident
19 June 2026

IDE plugin supply-chain key theft pattern

Malicious IDE plugins exfiltrating API keys highlight a toolchain gap in MSP and enterprise AI security reviews.

incident84%2 sourcesD7
Open the incident record and confirm affected services.
incident
18 June 2026

Autonomous agent bankruptcy — DN42 operator cost overrun

Forensic record of an autonomous agent deployment that exhausted operator funds when spend governance and circuit breakers were absent.

incident84%2 sourcesD4
Open the incident record and confirm affected services.
incident
5 June 2026

Network latency and packet loss in India (Delhi, Chennai, Mumbai)

A fire at a third-party data center facility in Delhi caused emergency power shutdown of networking equipment, isolating a Point of Presence and reducing network capacity. Hybrid Connectivity, VPC, and Media CDN customers experienced intermittent latency spikes and packet loss from June 5 to June 26, 2026. Service was restored after capacity augmentation and rerouting.

incident95%2 sourcesD4
Open the incident record and confirm affected services.
incident
29 May 2026

OpenAI multi-service outage (2026-05-29)

Production AI Institute incident record tracking a multi-service outage affecting OpenAI API consumers on 2026-05-29. See referenced sources for the official status timeline; PSF impact is mapped to provider fallback and observability domains.

incident86%3 sourcesD4
Open the incident record and confirm affected services.
incident
29 May 2026

OpenAI Multi-Service Outage (ChatGPT, Login, Access)

On 29 May 2026 OpenAI's public status history recorded four separate incidents the same day affecting ChatGPT conversations, login and account creation, ChatGPT access, and business subscription checkout. Teams routing production workloads through a single OpenAI dependency experienced correlated f…

incident80%2 sourcesD4
Open the incident record and confirm affected services.
incident
1 Jan 2026

Binnall Law Claude Console Phantom Citations in Federal Court

Federal counsel used Anthropic Claude Console to draft a May 2026 motion that included quotations not found in the cited cases. The firm apologised to the court and committed to citation verification via established legal research platforms.

incident80%2 sourcesD2
Open the incident record and confirm affected services.

Known exploited vulnerabilities

CISA KEV items that intersect AI delivery, remote access, managed environments, or operator security.

security
1 July 2026

CVE-2026-45659: Microsoft SharePoint Server

Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability

known exploitedAI stackDue 4 July 2026
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
security
29 June 2026

CVE-2026-48558: SimpleHelp SimpleHelp

SimpleHelp Authentication Bypass Vulnerability

known exploitedAI stackDue 2 July 2026
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
security
25 June 2026

CVE-2026-12569: PTC Windchill and FlexPLM

PTC Windchill and FlexPLM Improper Input Validation Vulnerability

known exploitedAI stackDue 28 June 2026
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
security
25 June 2026

CVE-2026-20230: Cisco Unified Communications Manager

Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability

known exploitedAI stackDue 28 June 2026
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
security
23 June 2026

CVE-2025-67038: Lantronix EDS5000

Lantronix EDS5000 Code Injection Vulnerability

known exploitedAI stackDue 26 June 2026
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
security
23 June 2026

CVE-2026-34910: Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Input Validation Vulnerability

known exploitedAI stackDue 26 June 2026
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
security
23 June 2026

CVE-2026-34909: Ubiquiti UniFi OS

Ubiquiti UniFi OS Path Traversal Vulnerability

known exploitedAI stackDue 26 June 2026
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
security
23 June 2026

CVE-2026-34908: Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Access Control Vulnerability

known exploitedAI stackDue 26 June 2026
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.

Vendor and policy changes

Data-use disclosures, source changes, and policy records that can alter client obligations.

change
1 July 2026

July 2026 Policy Change Watch edition

Monthly AI Data Use Index review: Cursor agent permissions documentation and GitHub Copilot policy pages checked; no material training-use reversals; permissions.json schema now on the public record.

policy change84%2 sourcesD3
Compare the disclosure against current client policy language.
change
16 June 2026

TensorZero repository archived after seed funding

TensorZero archived its public GitHub repository days after announcing seed funding, surfacing vendor-supply-chain risk for teams that pinned production dependencies on the OSS stack.

source change84%2 sourcesD8
Open the source trail and update the relevant watch list.
change
15 June 2026

Adobe Firefly — AI data-use disclosure

No customer-content training. Adobe says Firefly does not train on customer data and that Firefly uses commercially safe datasets such as licensed content and public-domain material.

disclosure82%2 sourcesD3
Compare the disclosure against current client policy language.
change
15 June 2026

Canva — AI data-use disclosure

Depends on privacy settings. Canva says privacy settings control whether general usage data and User Content can improve AI-powered features, and that Canva Education User Content is not used for AI training.

disclosure82%2 sourcesD3
Compare the disclosure against current client policy language.
change
15 June 2026

ChatGPT — AI data-use disclosure

User-controlled. OpenAI says ChatGPT conversations may be used to improve models unless the user turns off model improvement in Data Controls.

disclosure82%2 sourcesD3
Compare the disclosure against current client policy language.
change
15 June 2026

Cursor — AI data-use disclosure

Depends on Privacy Mode. Cursor says code is not used for training when Privacy Mode is enabled; when Privacy Mode is off, Cursor may use stored codebase data, prompts, editor actions, and snippets to improve AI features and train models.

disclosure82%2 sourcesD3
Compare the disclosure against current client policy language.
change
15 June 2026

GitHub Copilot — AI data-use disclosure

No training by default. GitHub says that by default it, its affiliates, and third parties do not use individual-subscriber Copilot data, including prompts, suggestions, and code snippets, for AI model training.

disclosure82%2 sourcesD3
Compare the disclosure against current client policy language.
change
15 June 2026

Microsoft 365 Copilot — AI data-use disclosure

Not used to train foundation models. Microsoft says files, communications, prompts, responses, and Microsoft Graph data used with Microsoft 365 Copilot are not used to train foundation models.

disclosure82%2 sourcesD3
Compare the disclosure against current client policy language.

Models, Lab, and evaluation

Model releases, Lab scorecards, Compass results, and production-readiness assessments.

No current item

No source-backed item in this lane.

The lane remains visible so absence is explicit rather than hidden.

Keep watching the source trail.

Record method and source trail

Records that explain how the public memory layer is being strengthened.

No current item

No source-backed item in this lane.

The lane remains visible so absence is explicit rather than hidden.

Keep watching the source trail.
Brief-ready view

Turn the watch board into an AI risk brief.

The risk brief is generated from the same records. It preserves the PAI source trail and converts operator signals into questions a team can use in an internal note, client update, board pack, or vendor review.

Saved watches

Tell us what to keep current.

Save a watch for vendors, tools, controls, vulnerabilities, or operating questions. The public record stays open. The saved watch tells us what should become an alert, brief, or evidence workflow for you.