AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 144 results — Active exploitation, has patch
MEDIUM EXPLOIT AVAIL

SageMaker SDK: MD5 collision silently replaces ML workflows

CVE-2025-0508
5.9
EPSS 0.1%
Supply Chain Model Poisoning Framework Training Data
sagemaker Patch: 2.237.3 CWE-328 51 3 ATLAS
HIGH EXPLOIT AVAIL

litellm: privilege escalation viewer→proxy admin via bad API key

CVE-2025-0628
8.1
EPSS 0.3%
Auth Bypass Data Extraction API Framework
litellm Patch: 1.61.15 CWE-266 4 4 ATLAS
HIGH EXPLOIT AVAIL

litellm: unauthenticated DoS via multipart boundary parsing

CVE-2024-8984
7.5
EPSS 0.6%
DoS API Framework Inference
litellm Patch: 1.56.2 CWE-400 4 3 ATLAS
HIGH EXPLOIT AVAIL

OpenWebUI: path traversal RCE via audio upload API

CVE-2024-8060
8.1
EPSS 2.1%
Code Execution Data Extraction Framework API
open-webui Patch: 0.5.17 CWE-22 5 ATLAS
HIGH EXPLOIT AVAIL

ONNX: path traversal in download_model enables RCE

CVE-2024-7776
8.1
EPSS 5.3%
Supply Chain Code Execution Framework Model
onnx Patch: 1.17.0 CWE-22 1.1K 3 ATLAS
CRITICAL EXPLOIT AVAIL

pytorch-lightning: file upload RCE (Windows)

CVE-2024-8019
9.1
EPSS 2.1%
Code Execution Supply Chain Framework Training Data
pytorch-lightning Patch: 2.4.0 CWE-434 1.6K 4 ATLAS
HIGH EXPLOIT AVAIL

Open-WebUI: CSRF enables RCE via pipeline code injection

CVE-2024-7806
8.0
EPSS 1.8%
Code Execution Auth Bypass Framework API
open-webui Patch: 0.3.33 CWE-352 6 ATLAS
HIGH EXPLOIT AVAIL

lollms: RCE via eval() sandbox bypass in Calculate

CVE-2024-6982
8.4
EPSS 0.2%
Code Execution Auth Bypass Framework API
lollms Patch: 11.0.0 CWE-94 4 ATLAS
MEDIUM EXPLOIT AVAIL

llama-index: DoS via infinite recursion in web reader

CVE-2024-12910
5.9
EPSS 0.4%
DoS Supply Chain Framework RAG
llama-index Patch: 0.12.9 CWE-400 229 4 ATLAS
CRITICAL EXPLOIT AVAIL

llama-index DuckDB retriever: SQLi enables RCE

CVE-2024-11958
9.8
EPSS 4.1%
Code Execution Supply Chain Data Extraction Framework RAG Plugin
llama-index-retrievers-duckdb-retriever Patch: 0.4.0 CWE-89 229 5 ATLAS
MEDIUM EXPLOIT AVAIL

langchain-core: file read via prompt template inputs

CVE-2024-10940
5.3
EPSS 0.3%
Data Extraction Data Leakage Privacy Violation Framework Agent
langchain-core Patch: 0.1.53 CWE-497 4.3K 4 ATLAS
MEDIUM EXPLOIT AVAIL

picklescan: ZIP spoof lets malicious PyTorch models bypass scan

CVE-2025-1944
6.5
EPSS 0.1%
Supply Chain Code Execution Framework Model
picklescan Patch: 0.0.23 CWE-345 3 5 ATLAS
CRITICAL EXPLOIT AVAIL

spacy-llm: SSTI allows unauthenticated RCE (CVSS 9.8)

CVE-2025-25362
9.8
EPSS 0.0%
Code Execution Data Extraction Framework
spacy-llm Patch: 0.7.3 CWE-94 154 4 ATLAS
MEDIUM EXPLOIT AVAIL

picklescan: scanner bypass enables supply chain RCE

CVE-2025-1716
--
EPSS 16.2%
Supply Chain Code Execution Model Framework
picklescan Patch: 0.0.22 CWE-184 3 5 ATLAS
MEDIUM EXPLOIT AVAIL

picklescan: extension bypass enables RCE on model load

CVE-2025-1889
--
EPSS 0.1%
Supply Chain Code Execution Model Framework
picklescan Patch: 0.0.22 CWE-646 3 5 ATLAS
MEDIUM EXPLOIT AVAIL

Label Studio: reflected XSS via label_config param

CVE-2025-25296
6.1
EPSS 20.0%
Code Execution Data Extraction Training Data Framework
label-studio Patch: 1.16.0 CWE-79 1 4 ATLAS
HIGH EXPLOIT AVAIL

Label Studio SDK: path traversal leaks server filesystem

CVE-2025-25295
--
EPSS 0.1%
Data Extraction Data Leakage Privacy Violation Framework Training Data
label-studio-sdk Patch: 1.0.10 CWE-26 1 5 ATLAS
CRITICAL EXPLOIT AVAIL

LlamaFactory: RCE via OS command injection in training

CVE-2024-52803
9.8
EPSS 3.2%
Code Execution Supply Chain Framework Training Data
llamafactory Patch: 0.9.1 CWE-78 1 6 ATLAS
HIGH EXPLOIT AVAIL

ONNX: path traversal in model download enables RCE

CVE-2024-5187
8.8
EPSS 1.4%
Supply Chain Code Execution Framework Model
onnx Patch: 1.16.2 CWE-22 1.1K 4 ATLAS
MEDIUM EXPLOIT AVAIL

langchain-community: DoS via recursive sitemap loop

CVE-2024-2965
4.2
EPSS 0.0%
DoS Supply Chain Framework RAG
langchain Patch: 0.2.5 CWE-400 2.6K 3 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial