AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

77

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 19 of 199 results — High severity, has patch
HIGH EXPLOIT AVAIL

llama-index Papers Loader: XML expansion DoS

CVE-2025-3225
7.5
EPSS 0.3%
DoS Supply Chain Framework RAG
llama-index-readers-papers Patch: 0.3.2 CWE-776 229 3 ATLAS
HIGH EXPLOIT AVAIL

LlamaIndex Obsidian: symlink traversal exposes host files

CVE-2025-3046
7.5
EPSS 0.5%
Data Extraction Data Leakage Framework RAG
llama-index-readers-obsidian Patch: 0.5.1 CWE-22 229 4 ATLAS
HIGH EXPLOIT AVAIL

Label Studio: XSS enables unauthorized actions via CSRF

CVE-2025-47783
--
EPSS 0.2%
Code Execution Data Leakage Social Engineering Framework Training Data
label-studio Patch: 1.18.0 CWE-79 1 5 ATLAS
HIGH EXPLOIT AVAIL

llama_index: DoS via uncapped recursion in web reader

CVE-2025-1752
7.5
EPSS 0.2%
DoS Framework RAG
llama-index Patch: 0.12.21 CWE-400 229 3 ATLAS
HIGH EXPLOIT AVAIL

LLaMA-Factory: RCE via torch.load() unsafe deserialization

CVE-2025-46567
7.8
EPSS 0.2%
Code Execution Supply Chain Framework Training Data
llamafactory Patch: 0.9.3 CWE-502 1 5 ATLAS
HIGH EXPLOIT AVAIL

picklescan: scanner bypass enables DNS data exfiltration

CVE-2025-46417
--
EPSS 0.2%
Supply Chain Data Extraction Data Leakage Framework Model
picklescan Patch: 0.0.25 CWE-184 3 6 ATLAS
HIGH EXPLOIT AVAIL

litellm: privilege escalation viewer→proxy admin via bad API key

CVE-2025-0628
8.1
EPSS 0.3%
Auth Bypass Data Extraction API Framework
litellm Patch: 1.61.15 CWE-266 4 4 ATLAS
HIGH

LiteLLM: API key leakage in logs exposes credentials

CVE-2024-9606
7.5
EPSS 0.2%
Data Leakage Data Extraction Auth Bypass Framework API Agent
litellm Patch: 1.44.12 CWE-117 4 5 ATLAS
HIGH EXPLOIT AVAIL

litellm: unauthenticated DoS via multipart boundary parsing

CVE-2024-8984
7.5
EPSS 0.6%
DoS API Framework Inference
litellm Patch: 1.56.2 CWE-400 4 3 ATLAS
HIGH EXPLOIT AVAIL

OpenWebUI: path traversal RCE via audio upload API

CVE-2024-8060
8.1
EPSS 2.1%
Code Execution Data Extraction Framework API
open-webui Patch: 0.5.17 CWE-22 5 ATLAS
HIGH EXPLOIT AVAIL

ONNX: path traversal in download_model enables RCE

CVE-2024-7776
8.1
EPSS 5.3%
Supply Chain Code Execution Framework Model
onnx Patch: 1.17.0 CWE-22 1.2K 3 ATLAS
HIGH EXPLOIT AVAIL

Open-WebUI: CSRF enables RCE via pipeline code injection

CVE-2024-7806
8.0
EPSS 1.8%
Code Execution Auth Bypass Framework API
open-webui Patch: 0.3.33 CWE-352 6 ATLAS
HIGH

open-webui: DoS via malformed multipart boundary

GHSA-6wj5-5pgr-jwq8
7.5
DoS Framework API
open-webui Patch: 0.4.7 CWE-400 3 ATLAS
HIGH EXPLOIT AVAIL

lollms: RCE via eval() sandbox bypass in Calculate

CVE-2024-6982
8.4
EPSS 0.1%
Code Execution Auth Bypass Framework API
lollms Patch: 11.0.0 CWE-94 4 ATLAS
HIGH

litellm: unauthenticated DoS crashes LLM proxy server

CVE-2024-10188
7.5
EPSS 0.3%
DoS Framework API Inference
litellm Patch: 1.53.1.dev1 CWE-400 4 3 ATLAS
HIGH

Label Studio: SSRF via S3 endpoint exposes internal services

CVE-2025-25297
8.6
EPSS 0.1%
Data Extraction Auth Bypass Framework Training Data
label-studio Patch: 1.16.0 CWE-918 1 4 ATLAS
HIGH EXPLOIT AVAIL

Label Studio SDK: path traversal leaks server filesystem

CVE-2025-25295
--
EPSS 0.1%
Data Extraction Data Leakage Privacy Violation Framework Training Data
label-studio-sdk Patch: 1.0.10 CWE-26 1 5 ATLAS
HIGH EXPLOIT AVAIL

ONNX: path traversal in model download enables RCE

CVE-2024-5187
8.8
EPSS 1.4%
Supply Chain Code Execution Framework Model
onnx Patch: 1.16.2 CWE-22 1.2K 4 ATLAS
HIGH

Jupyter Notebook: XSS via malicious .ipynb file

CVE-2018-8768
7.8
EPSS 0.1%
Code Execution Supply Chain Data Extraction Framework
notebook Patch: 5.4.1 2.9K 5 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial