AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

New This Week

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited

Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 160 results — Critical severity, Active exploitation

CRITICAL EXPLOIT AVAIL

streamlit-geospatial: RCE via eval() on palette input

Code Execution Framework

streamlit-geospatial 2.8K 4 ATLAS

CRITICAL EXPLOIT AVAIL

TorchServe: URL bypass enables arbitrary model loading

Auth Bypass Supply Chain Code Execution Inference Framework

torchserve 21.7K 5 ATLAS

CRITICAL EXPLOIT AVAIL

Gradio: code injection via component metadata (CVSS 9.8)

Code Execution Supply Chain Framework Inference

gradio 674 4 ATLAS

CRITICAL EXPLOIT AVAIL

Langflow: unauthenticated RCE via custom component API

Code Execution Auth Bypass Supply Chain Framework Agent API

langflow CWE-94 5 ATLAS

CRITICAL EXPLOIT AVAIL SCANNER

ChuanhuChatGPT: path traversal exposes LLM API keys

Data Extraction Auth Bypass Data Leakage Framework API

chuanhuchatgpt 5 ATLAS

CRITICAL EXPLOIT AVAIL

pytorch-lightning: RCE via deepdiff Delta deserialization

Code Execution Supply Chain Framework

pytorch_lightning CWE-913 21.7K 5 ATLAS

CRITICAL EXPLOIT AVAIL

Gradio: CI/CD command injection enables secrets exfiltration

Supply Chain Code Execution Data Extraction Framework Inference API

gradio 674 5 ATLAS

CRITICAL EXPLOIT AVAIL

llama-cpp-python: SSTI in .gguf loader enables RCE

Code Execution Supply Chain Framework Model Inference

5 ATLAS

CRITICAL EXPLOIT AVAIL

Keras: RCE via malicious model deserialization

Code Execution Supply Chain Framework Model

keras CWE-94 1.5K 5 ATLAS

CRITICAL EXPLOIT AVAIL

MLflow: LFI via URI parsing allows arbitrary file read

Data Extraction Auth Bypass Framework

mlflow CWE-22 624 5 ATLAS

CRITICAL EXPLOIT AVAIL

BentoML: RCE via insecure deserialization (CVSS 10)

Code Execution Supply Chain Framework Inference

5 ATLAS

CRITICAL EXPLOIT AVAIL

HuggingFace Transformers: RCE via pickle deserialization

Code Execution Supply Chain Framework Model

transformers 7.8K 5 ATLAS

CRITICAL EXPLOIT AVAIL

gpt_academic: deserialization RCE, no auth required

Code Execution Data Extraction Framework API

gpt_academic 5 ATLAS

CRITICAL EXPLOIT AVAIL

LangChain TFIDFRetriever: SSRF/RCE via load_local

Code Execution Data Extraction Framework RAG

langchain 2.6K 5 ATLAS

CRITICAL EXPLOIT AVAIL

LangChain Experimental: RCE via Python sandbox escape

Code Execution Supply Chain Framework Agent

langchain-experimental 2.6K 4 ATLAS

CRITICAL EXPLOIT AVAIL

MLflow: XSS in recipe runner enables Jupyter RCE

Code Execution Supply Chain Framework

mlflow 624 5 ATLAS

CRITICAL EXPLOIT AVAIL

MLflow: XSS in recipes enables client-side RCE

Code Execution Supply Chain Data Extraction Framework Training Data

mlflow 624 5 ATLAS

CRITICAL EXPLOIT AVAIL

Gradio: unauthenticated LFI exposes full server filesystem

Data Extraction Data Leakage Auth Bypass Framework Inference API

gradio CWE-22 674 5 ATLAS

CRITICAL EXPLOIT AVAIL

LlamaIndex: SQL injection in Text-to-SQL feature

Code Execution Data Extraction Prompt Injection Framework Agent

llamaindex CWE-89 5 ATLAS

CRITICAL KEV SCANNER

Ray: unauthenticated RCE via job submission API

Code Execution Auth Bypass Framework Training Data Inference

ray CWE-829 845 6 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial

AI Security Threat Feed

Weekly CISO Take + top threats

Latest AI Security Threats

Need deeper analysis?