AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

76

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 684 results — High severity
Severity CVE ID Summary CVSS EPSS Package Date
HIGH GHSA-hgrh-qx5j-jfwx picklescan: Protection Bypass circumvents security controls 8.8 picklescan Dec 29 HIGH GHSA-vqmv-47xg-9wpr picklescan: Deserialization enables RCE picklescan Dec 29 HIGH GHSA-84r2-jw7c-4r5q picklescan: Allowlist Bypass evades input filtering picklescan Dec 29 HIGH GHSA-4675-36f9-wf6r picklescan: Allowlist Bypass evades input filtering picklescan Dec 29 HIGH GHSA-m273-6v24-x4m4 picklescan: Deserialization enables RCE picklescan Dec 29 HIGH E CVE-2025-67729 lmdeploy: Deserialization enables RCE 8.8 0.1% Dec 26 HIGH E CVE-2025-68664 langchain-core: Deserialization enables RCE 8.2 2.3% langchain_core Dec 23 HIGH CVE-2025-68613 n8n: security flaw enables exploitation 8.8 81.7% n8n Dec 19 HIGH E CVE-2025-68478 langflow: File Control enables path manipulation 7.1 0.0% langflow Dec 19 HIGH E CVE-2025-53000 nbconvert: security flaw enables exploitation 0.0% Dec 18 HIGH E CVE-2025-67748 fickling: Code Injection enables RCE 0.0% fickling Dec 15 HIGH E CVE-2025-67747 fickling: Allowlist Bypass evades input filtering 0.1% fickling Dec 15 HIGH CVE-2025-67644 langgraph-checkpoint-sqlite: SQL Injection exposes database 7.3 0.0% langgraph-checkpoint-sqlite Dec 10 HIGH CVE-2025-33213 NVIDIA: Deserialization enables RCE 8.8 0.1% Dec 9 HIGH E CVE-2025-65964 n8n: security flaw enables exploitation 8.8 0.0% n8n Dec 9 HIGH CVE-2025-34291 langflow: security flaw enables exploitation 8.8 10.9% langflow Dec 5 HIGH E CVE-2025-65958 open-webui: SSRF allows internal network access 8.5 0.1% open-webui Dec 4 HIGH E CVE-2025-66404 mcp-server-kubernetes: Command Injection enables RCE 8.8 0.3% Dec 3 HIGH CVE-2025-66448 vllm: Code Injection enables RCE 8.8 0.0% vllm Dec 1 HIGH CVE-2025-65106 langchain-core: security flaw enables exploitation 0.1% langchain-core Nov 21

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial