AI Threat Alert
AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked
Critical
New This Week
In CISA KEV
Latest AI Security Threats
Showing 20 of 910 results — Active exploitationkeras: Path Traversal enables file access
CVE-2025-12060 pdf2zh: security flaw enables exploitation
CVE-2025-50736 langgraph-checkpoint-sqlite: SQL Injection exposes database
CVE-2025-64104 mlflow: Path Traversal enables file access
CVE-2025-11201 Keras: safe_mode bypass enables file read and SSRF
CVE-2025-12058 langgraph-checkpoint-sqlite: SQL Injection exposes database
CVE-2025-8709 smolagents: security flaw enables exploitation
CVE-2025-11844 Moodle: IDOR enables unauthorized data access
CVE-2025-60511 keras: Deserialization enables RCE
CVE-2025-49655 Flowise: path traversal in file tools leads to RCE
CVE-2025-61913 vLLM: SSRF in media loader exposes internal network
CVE-2025-6242 LLaMA-Factory: SSRF+LFI in multimodal chat API
CVE-2025-61784 vLLM: timing attack enables API key bypass
CVE-2025-59425 langchain-text-splitters: XXE enables arbitrary file read
CVE-2025-6985 Flowise: unrestricted file upload enables persistent RCE
CVE-2025-61687 clearml: path traversal in safe_extract → RCE risk
CVE-2025-8917 llama-index-core: insecure /tmp dir, model theft risk
CVE-2025-7647 PyTorch: DoS via sparse/dense tensor Inductor compile
CVE-2025-55560 TensorFlow: DoS via Conv2D valid padding crash
CVE-2025-55559 PyTorch: Inductor compiler buffer overflow causes DoS
CVE-2025-55558 Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
Start 14-Day Free Trial