AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 4 of 144 results — Active exploitation, has patch
CRITICAL EXPLOIT AVAIL SCANNER

Ray: unauthenticated LFI exposes entire filesystem

CVE-2023-6020
9.3
EPSS 81.4%
Data Extraction Auth Bypass Framework Training Data Model
ray Patch: 2.8.1 CWE-598 845 5 ATLAS
CRITICAL EXPLOIT AVAIL SCANNER

Ray: LFI allows unauthenticated file read

CVE-2023-6021
9.3
EPSS 87.3%
Data Extraction Auth Bypass Framework Inference
ray Patch: 2.8.1 CWE-22 845 5 ATLAS
CRITICAL EXPLOIT AVAIL

Ray: unauthenticated RCE via dashboard command injection

CVE-2023-6019
9.8
EPSS 88.8%
Code Execution Auth Bypass Supply Chain Framework Inference Training Data
ray Patch: 2.8.1 CWE-78 845 6 ATLAS
MEDIUM EXPLOIT AVAIL

Label Studio: SSRF + file read, self-reg bypass

CVE-2022-36551
6.5
EPSS 9.2%
Data Extraction Auth Bypass Data Leakage Training Data Framework
label-studio Patch: 1.6.0 CWE-918 1 6 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial