AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,631

AI/ML CVEs Tracked

230

Critical

89

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 569 results — Medium severity
Severity CVE ID Summary CVSS EPSS Package Date
MEDI GHSA-7cq8-mj8x-j263 picklescan: detection bypass allows malicious pickle RCE picklescan Aug 26 MEDI GHSA-6w4w-5w54-rjvr picklescan: detection bypass allows RCE via ML model files picklescan Aug 26 MEDI GHSA-3vg9-h568-4w9m picklescan: RCE bypass via idlelib SetText evasion picklescan Aug 26 MEDI GHSA-f54q-57x4-jg88 picklescan: scanner bypass enables RCE in ML models picklescan Aug 26 MEDI GHSA-6vqj-c2q5-j97w picklescan: scanner bypass enables RCE via ML models picklescan Aug 26 MEDI GHSA-x696-vm39-cp64 picklescan: scan bypass allows RCE in ML pipelines picklescan Aug 26 MEDI GHSA-g344-hcph-8vgg picklescan: scanner bypass enables RCE in ML pipelines picklescan Aug 26 MEDI GHSA-5qwp-399c-mjwf picklescan: bypass enables undetected RCE in ML models picklescan Aug 26 MEDI GHSA-vv6j-3g6g-2pvj picklescan: PyTorch gadget bypasses scanner, enables RCE picklescan Aug 22 MEDI GHSA-vr7h-p6mm-wpmh picklescan: PyTorch gadget bypasses pickle RCE detection picklescan Aug 22 MEDI GHSA-h3qp-7fh3-f8h4 picklescan: detection bypass via PyTorch proxy RCE picklescan Aug 22 MEDI GHSA-f745-w6jp-hpxx picklescan: RCE bypass via torch.utils.collect_env picklescan Aug 22 MEDI GHSA-f4x7-rfwp-v3xw picklescan: scanner bypass enables RCE via PyTorch function picklescan Aug 22 MEDI GHSA-86cj-95qr-2p4f picklescan: detection bypass enables PyTorch model RCE picklescan Aug 22 MEDI GHSA-4r9r-ch6f-vxmx picklescan: PyTorch bypass allows undetected RCE picklescan Aug 22 MEDI CVE-2025-57749 n8n: symlink traversal enables arbitrary file read/write 6.5 0.1% n8n Aug 20 MEDI CVE-2025-52478 n8n: Stored XSS enables full account takeover 5.4 0.0% n8n Aug 19 MEDI E CVE-2025-54952 ExecuTorch: integer overflow enables RCE via model loading 0.4% executorch Aug 8 MEDI E CVE-2025-44779 Ollama: arbitrary file deletion via /api/pull 6.6 0.0% ollama Aug 7 MEDI E CVE-2025-5197 Transformers: ReDoS in TF-to-PyTorch weight converter 5.3 0.0% transformers Aug 6

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial