AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

AI/ML CVEs Tracked: 1,604

Critical: 225

New This Week: 79

In CISA KEV: 16

Latest AI Security Threats

Showing 20 of 225 results — Critical severity
| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| CRIT E | CVE-2023-34239 | Gradio: path traversal + SSRF exposes model files & infra | 9.1 | 0.3% | gradio | Jun 8 |
| CRIT E | CVE-2023-2780 | MLflow: path traversal allows arbitrary file read/write | 9.8 | 86.8% | mlflow | May 17 |
| CRIT E | CVE-2023-29374 | LangChain: RCE via prompt injection in LLMMathChain | 9.8 | 3.8% | langchain | Apr 5 |
| CRIT E | CVE-2023-25668 | TensorFlow: unauthenticated RCE via heap buffer overflow | 9.8 | 1.5% | tensorflow | Mar 25 |
| CRIT E | CVE-2023-25664 | TensorFlow: heap overflow in AvgPoolGrad, RCE risk | 9.8 | 0.1% | tensorflow | Mar 25 |
| CRIT | CVE-2023-1177 | MLflow: path traversal allows arbitrary file read/write | 9.8 | 93.3% | mlflow | Mar 24 |
| CRIT E | CVE-2023-25823 | Gradio: hardcoded SSH key leaks via share=True demos | 9.8 | 0.4% | gradio | Feb 23 |
| CRIT | CVE-2022-41910 | TensorFlow Grappler: OOB read crashes or leaks memory | 9.1 | 0.3% | tensorflow | Dec 6 |
| CRIT E | CVE-2022-41902 | TensorFlow Grappler: OOB read/crash via crafted model | 9.1 | 0.3% | tensorflow | Dec 6 |
| CRIT E | CVE-2022-45907 | PyTorch: RCE via unsafe eval in JIT annotations | 9.8 | 0.8% | pytorch | Nov 26 |
| CRIT E | CVE-2022-41900 | TensorFlow: heap OOB RCE in FractionalMaxPool op | 9.8 | 1.2% | tensorflow | Nov 18 |
| CRIT E | CVE-2022-41880 | TensorFlow: heap OOB read in candidate sampler op | 9.1 | 0.2% | tensorflow | Nov 18 |
| CRIT | CVE-2022-35939 | TensorFlow: ScatterNd OOB write enables RCE/crash | 9.8 | 0.2% | tensorflow | Sep 16 |
| CRIT | CVE-2022-35938 | TensorFlow: OOB read in GatherNd causes crash/data leak | 9.1 | 0.1% | tensorflow | Sep 16 |
| CRIT | CVE-2022-35937 | TensorFlow: GatherNd OOB read crashes inference servers | 9.1 | 0.1% | tensorflow | Sep 16 |
| CRIT E | CVE-2022-0845 | pytorch-lightning: code injection enables full RCE | 9.8 | 0.3% | pytorch_lightning | Mar 5 |
| CRIT E | CVE-2022-23587 | TensorFlow: integer overflow in Grappler enables RCE | 9.8 | 0.3% | tensorflow | Feb 4 |
| CRIT E | CVE-2021-35958 | TensorFlow: path traversal in get_file allows file overwrite | 9.1 | 1.1% | tensorflow | Jun 30 |
| CRIT E | CVE-2020-15208 | TFLite: OOB read/write via tensor dimension mismatch | 9.8 | 0.3% | tensorflow | Sep 25 |
| CRIT E | CVE-2020-15207 | TFLite: OOB write via unchecked negative axis index | 9.0 | 1.4% | tensorflow | Sep 25 |
