AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
Latest AI Security Threats
Showing 20 of 225 results — Critical severity
CVE-2023-34239 Gradio: path traversal + SSRF exposes model files & infra
CVE-2023-2780 MLflow: path traversal allows arbitrary file read/write
CVE-2023-29374 LangChain: RCE via prompt injection in LLMMathChain
CVE-2023-25668 TensorFlow: unauthenticated RCE via heap buffer overflow
CVE-2023-25664 TensorFlow: heap overflow in AvgPoolGrad, RCE risk
CVE-2023-1177 MLflow: path traversal allows arbitrary file read/write
CVE-2023-25823 Gradio: hardcoded SSH key leaks via share=True demos
CVE-2022-41910 TensorFlow Grappler: OOB read crashes or leaks memory
CVE-2022-41902 TensorFlow Grappler: OOB read/crash via crafted model
CVE-2022-45907 PyTorch: RCE via unsafe eval in JIT annotations
CVE-2022-41900 TensorFlow: heap OOB RCE in FractionalMaxPool op
CVE-2022-41880 TensorFlow: heap OOB read in candidate sampler op
CVE-2022-35939 TensorFlow: ScatterNd OOB write enables RCE/crash
CVE-2022-35938 TensorFlow: OOB read in GatherNd causes crash/data leak
CVE-2022-35937 TensorFlow: GatherNd OOB read crashes inference servers
CVE-2022-0845 pytorch-lightning: code injection enables full RCE
CVE-2022-23587 TensorFlow: integer overflow in Grappler enables RCE
CVE-2021-35958 TensorFlow: path traversal in get_file allows file overwrite
CVE-2020-15208 TFLite: OOB read/write via tensor dimension mismatch
CVE-2020-15207 TFLite: OOB write via unchecked negative axis index