AI Threat Alert
AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
1,604
AI/ML CVEs Tracked
225
Critical
78
New This Week
16
In CISA KEV
Latest AI Security Threats
Showing 20 of 910 results — Active exploitation Severity CVE ID Summary CVSS EPSS Package Date
CRIT E CVE-2025-12060 keras: Path Traversal enables file access 9.8 0.1% keras Oct 30 LOW E CVE-2025-50736 pdf2zh: security flaw enables exploitation — 0.0% — Oct 30 HIGH E CVE-2025-64104 langgraph-checkpoint-sqlite: SQL Injection exposes database 7.3 0.0% langgraph-checkpoint-sqlite Oct 29 CRIT E CVE-2025-11201 mlflow: Path Traversal enables file access 9.8 9.8% mlflow Oct 29 MEDI E CVE-2025-12058 Keras: safe_mode bypass enables file read and SSRF — 0.1% keras Oct 29 HIGH E CVE-2025-8709 langgraph-checkpoint-sqlite: SQL Injection exposes database 7.3 0.0% langgraph-checkpoint-sqlite Oct 26 MEDI E CVE-2025-11844 smolagents: security flaw enables exploitation 5.4 0.0% smolagents Oct 22 MEDI E CVE-2025-60511 Moodle: IDOR enables unauthorized data access 4.3 0.0% — Oct 21 CRIT E CVE-2025-49655 keras: Deserialization enables RCE 9.8 0.1% keras Oct 17 CRIT E CVE-2025-61913 Flowise: path traversal in file tools leads to RCE 9.9 0.8% flowise Oct 8 HIGH E CVE-2025-6242 vLLM: SSRF in media loader exposes internal network 7.1 0.1% vllm Oct 7 HIGH E CVE-2025-61784 LLaMA-Factory: SSRF+LFI in multimodal chat API 8.1 0.1% llamafactory Oct 7 HIGH E CVE-2025-59425 vLLM: timing attack enables API key bypass 7.5 0.4% vllm Oct 7 HIGH E CVE-2025-6985 langchain-text-splitters: XXE enables arbitrary file read 7.5 0.2% langchain-text-splitters Oct 6 HIGH E CVE-2025-61687 Flowise: unrestricted file upload enables persistent RCE 8.8 0.3% flowise Oct 6 MEDI E CVE-2025-8917 clearml: path traversal in safe_extract → RCE risk 5.8 0.0% clearml Oct 5 HIGH E CVE-2025-7647 llama-index-core: insecure /tmp dir, model theft risk 7.3 0.0% llama-index-core Sep 27 HIGH E CVE-2025-55560 PyTorch: DoS via sparse/dense tensor Inductor compile 7.5 0.1% pytorch Sep 25 HIGH E CVE-2025-55559 TensorFlow: DoS via Conv2D valid padding crash 7.5 0.1% tensorflow Sep 25 HIGH E CVE-2025-55558 PyTorch: Inductor compiler buffer overflow causes DoS 7.5 0.1% pytorch Sep 25 Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
Start 14-Day Free Trial