AI Threat Alert
AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked
Critical
New This Week
In CISA KEV
Latest AI Security Threats
Showing 20 of 435 results — High severity, Active exploitationlanggraph-checkpoint-sqlite: SQL Injection exposes database
CVE-2025-64104 langgraph-checkpoint-sqlite: SQL Injection exposes database
CVE-2025-8709 vLLM: SSRF in media loader exposes internal network
CVE-2025-6242 LLaMA-Factory: SSRF+LFI in multimodal chat API
CVE-2025-61784 vLLM: timing attack enables API key bypass
CVE-2025-59425 langchain-text-splitters: XXE enables arbitrary file read
CVE-2025-6985 Flowise: unrestricted file upload enables persistent RCE
CVE-2025-61687 llama-index-core: insecure /tmp dir, model theft risk
CVE-2025-7647 PyTorch: DoS via sparse/dense tensor Inductor compile
CVE-2025-55560 TensorFlow: DoS via Conv2D valid padding crash
CVE-2025-55559 PyTorch: Inductor compiler buffer overflow causes DoS
CVE-2025-55558 PyTorch: DoS via cummin+Inductor NameError in 2.7.0
CVE-2025-55557 PyTorch 2.7.0: DoS via proxy_tensor.py syntax error
CVE-2025-55553 PyTorch: integer overflow in rot90+randn_like causes DoS
CVE-2025-55552 PyTorch: DoS in linalg.lu via malformed slice op
CVE-2025-55551 Transformers: ReDoS in optimizer halts training pipelines
CVE-2025-6921 Flowise: unauthenticated SSRF exposes internal network
CVE-2025-59527 Keras: safe_mode bypass enables RCE via model load
CVE-2025-9906 Keras: safe_mode bypass enables RCE via .h5 model files
CVE-2025-9905 picklescan: file extension bypass allows model RCE
CVE-2025-10155 Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
Start 14-Day Free Trial