AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,625

AI/ML CVEs Tracked

230

Critical

87

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 569 results — Medium severity
Severity CVE ID Summary CVSS EPSS Package Date
MEDI E CVE-2025-67743 local-deep-research: SSRF allows internal network access 6.3 0.1% Dec 23 MEDI E CVE-2025-68477 langflow: SSRF allows internal network access 6.5 0.0% langflow Dec 19 MEDI CVE-2025-63390 anythingllm: Missing Auth allows unauthenticated access 5.3 0.0% Dec 18 MEDI E CVE-2025-13922 AI component: SQL Injection exposes database 6.5 0.0% Dec 6 MEDI CVE-2025-13359 taxopress: SQL Injection exposes database 6.5 0.0% Dec 3 MEDI CVE-2025-13354 taxopress: Missing Auth allows unauthorized operations 4.3 0.0% Dec 3 MEDI CVE-2025-62426 vllm: Resource Exhaustion enables DoS 6.5 0.1% vllm Nov 21 MEDI CVE-2025-62372 vllm: security flaw enables exploitation 6.5 0.1% vllm Nov 21 MEDI CVE-2025-12732 AI component: Info Disclosure leaks sensitive data 4.3 0.0% Nov 12 MEDI CVE-2025-11972 AI component: SQL Injection exposes database 4.9 0.0% Nov 8 MEDI CVE-2025-12360 Better: security flaw enables exploitation 4.3 0.0% Nov 6 MEDI E CVE-2025-12695 dspy: security flaw enables exploitation 5.9 0.0% Nov 4 MEDI E CVE-2025-12058 Keras: safe_mode bypass enables file read and SSRF 0.1% keras Oct 29 MEDI E CVE-2025-11844 smolagents: security flaw enables exploitation 5.4 0.0% smolagents Oct 22 MEDI E CVE-2025-60511 Moodle: IDOR enables unauthorized data access 4.3 0.0% Oct 21 MEDI CVE-2025-61620 vllm: DoS via Jinja template injection in chat API 6.5 vllm Oct 7 MEDI E CVE-2025-8917 clearml: path traversal in safe_extract → RCE risk 5.8 0.0% clearml Oct 5 MEDI E CVE-2025-55556 TensorFlow: non-deterministic compilation breaks Embedding 6.5 0.0% tensorflow Sep 25 MEDI E CVE-2025-55554 PyTorch: integer overflow in nan_to_num causes DoS 5.3 0.1% pytorch Sep 25 MEDI CVE-2025-46153 PyTorch: Dropout inconsistency enables membership inference 5.3 0.1% pytorch Sep 25

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial