AI Threat Alert
AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked
Critical
New This Week
In CISA KEV
Latest AI Security Threats
Showing 20 of 267 results — Medium severity, Active exploitationsmolagents: security flaw enables exploitation
CVE-2025-11844 Moodle: IDOR enables unauthorized data access
CVE-2025-60511 clearml: path traversal in safe_extract → RCE risk
CVE-2025-8917 TensorFlow: non-deterministic compilation breaks Embedding
CVE-2025-55556 PyTorch: integer overflow in nan_to_num causes DoS
CVE-2025-55554 Transformers: ReDoS in EnglishNormalizer exhausts CPU
CVE-2025-6051 xgrammar: DoS via oversized JSON schema grammar parsing
CVE-2025-58446 ExecuTorch: integer overflow enables RCE via model loading
CVE-2025-54952 Ollama: arbitrary file deletion via /api/pull
CVE-2025-44779 Transformers: ReDoS in TF-to-PyTorch weight converter
CVE-2025-5197 Ollama: auth token hijack via crafted WWW-Authenticate
CVE-2025-51471 Dagster: path traversal exposes arbitrary file read via gRPC
CVE-2025-51481 Transformers: ReDoS in DonutProcessor causes DoS
CVE-2025-3933 Contest Gallery WP Plugin: Stored XSS in OpenAI integration
CVE-2025-6716 OpenAI Operator: fullscreen spoofing captures credentials
CVE-2025-7021 llama-index: DocugamiReader MD5 hash collision drops chunks
CVE-2025-6211 llama-index Obsidian reader: hardlink path traversal leaks files
CVE-2025-6210 llama-index: JSONReader DoS via recursive JSON parsing
CVE-2025-5472 llama-index ArxivReader: MD5 collision corrupts training data
CVE-2025-3044 Transformers: ReDoS in dynamic module loader causes DoS
CVE-2025-3264 Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
Start 14-Day Free Trial