AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

AI/ML CVEs tracked: 1,140
Critical: 171
New this week: 228
In CISA KEV: 2


Latest AI Security Threats

Showing 50 of 1140 results
| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| HIGH | CVE-2023-43472 | An issue in MLFlow versions 2.8.1 and before... | 7.5 | | mlflow | Dec 5 |
| CRITICAL | CVE-2023-48022 | Ray has arbitrary code execution via jobs... | 9.8 | 91.8% | ray | Nov 28 |
| MEDIUM | CVE-2023-48299 | TorchServe is a tool for serving and scaling... | 5.3 | | torchserve | Nov 21 |
| CRITICAL | CVE-2023-6020 | Ray Missing Authorization vulnerability | 9.3 | 80.4% | ray | Nov 16 |
| CRITICAL | CVE-2023-6014 | An attacker is able to arbitrarily create an... | 9.8 | | mlflow | Nov 16 |
| CRITICAL | CVE-2023-6021 | Ray Path Traversal vulnerability | 9.3 | 87.3% | ray | Nov 16 |
| CRITICAL | CVE-2023-6019 | Ray OS Command Injection vulnerability | 9.8 | 88.7% | ray | Nov 16 |
| CRITICAL | CVE-2023-6018 | An attacker can overwrite any file on the server... | 9.8 | | mlflow | Nov 16 |
| HIGH | CVE-2023-6015 | MLflow allowed arbitrary files to be PUT onto the... | 7.5 | | mlflow | Nov 16 |
| CRITICAL | CVE-2023-5245 | FileUtil.extract() enumerates all zip file... | 9.8 | | | Nov 15 |
| HIGH | CVE-2023-46315 | The zanllp sd-webui-infinite-image-browsing (aka... | 7.5 | | | Oct 22 |
| CRITICAL | CVE-2023-32785 | Langchain SQL Injection vulnerability | 9.8 | | langchain | Oct 21 |
| HIGH | CVE-2023-32786 | In Langchain through 0.0.155, prompt injection... | 7.5 | | langchain | Oct 20 |
| HIGH | CVE-2023-46229 | LangChain before 0.0.317 allows SSRF via... | 8.8 | | langchain | Oct 19 |
| CRITICAL | CVE-2023-44467 | langchain_experimental (aka LangChain... | 9.8 | | langchain_experimental | Oct 9 |
| CRITICAL | CVE-2023-43654 | TorchServe is a tool for serving and scaling... | 9.8 | | torchserve | Sep 28 |
| MEDIUM | CVE-2023-41626 | Gradio v3.27.0 was discovered to contain an... | 4.8 | | gradio | Sep 15 |
| CRITICAL | CVE-2023-39631 | An issue in LanChain-ai Langchain v.0.0.245... | 9.8 | 3.3% | langchain | Sep 1 |
| CRITICAL | CVE-2023-36281 | An issue in langchain v.0.0.171 allows a remote... | 9.8 | | langchain | Aug 22 |
| CRITICAL | CVE-2023-39659 | An issue in langchain langchain-ai v.0.0.232 and... | 9.8 | | langchain | Aug 15 |
| CRITICAL | CVE-2023-38896 | An issue in Harrison Chase langchain v.0.0.194... | 9.8 | | langchain | Aug 15 |
| CRITICAL | CVE-2023-38860 | An issue in LangChain v.0.0.231 allows a remote... | 9.8 | 1.4% | langchain | Aug 15 |
| HIGH | CVE-2023-27506 | Improper buffer restrictions in the Intel(R)... | 7.8 | | optimization_for_tensorflow | Aug 11 |
| CRITICAL | CVE-2023-36095 | An issue in Harrison Chase langchain v.0.0.194... | 9.8 | | langchain | Aug 5 |
| HIGH | CVE-2023-4033 | OS Command Injection in GitHub repository... | 7.8 | 0.2% | mlflow | Aug 1 |
| CRITICAL | CVE-2023-3765 | Absolute Path Traversal in GitHub repository... | 10.0 | | mlflow | Jul 19 |
| CRITICAL | CVE-2023-3686 | A vulnerability was found in Bylancer QuickAI... | 9.8 | | quickai_openai | Jul 16 |
| HIGH | CVE-2023-36189 | SQL injection vulnerability in langchain before... | 7.5 | 0.2% | langchain | Jul 6 |
| CRITICAL | CVE-2023-36188 | An issue in langchain v.0.0.64 allows a remote... | 9.8 | | langchain | Jul 6 |
| CRITICAL | CVE-2023-36258 | An issue in LangChain before 0.0.236 allows an... | 9.8 | 0.5% | langchain | Jul 3 |
| CRITICAL | CVE-2023-34541 | Langchain 0.0.171 is vulnerable to Arbitrary code... | 9.8 | | langchain | Jun 20 |
| CRITICAL | CVE-2023-34540 | Langchain before v0.0.225 was discovered to... | 9.8 | | langchain | Jun 14 |
| CRITICAL | CVE-2023-34239 | Gradio is an open-source Python library that is... | 9.1 | | gradio | Jun 8 |
| MEDIUM | CVE-2023-2800 | Insecure Temporary File in GitHub repository... | 4.7 | 0.0% | transformers | May 18 |
| CRITICAL | CVE-2023-2780 | Path Traversal: '\..\filename' in GitHub... | 9.8 | | mlflow | May 17 |
| HIGH | CVE-2023-30172 | A directory traversal vulnerability in the... | 7.5 | | mlflow | May 11 |
| HIGH | CVE-2023-27564 | The n8n package 0.218.0 for Node.js allows... | 7.5 | | n8n | May 10 |
| HIGH | CVE-2023-27563 | The n8n package 0.218.0 for Node.js allows... | 8.8 | | n8n | May 10 |
| MEDIUM | CVE-2023-27562 | The n8n package 0.218.0 for Node.js allows... | 6.5 | | n8n | May 10 |
| MEDIUM | CVE-2023-1651 | The AI ChatBot WordPress plugin before 4.4.9 does... | 5.4 | | | May 8 |
| HIGH | CVE-2023-2356 | Relative Path Traversal in GitHub repository... | 7.5 | | mlflow | Apr 28 |
| CRITICAL | CVE-2023-29374 | In LangChain through 0.0.131, the LLMMathChain... | 9.8 | 4.5% | langchain | Apr 5 |
| MEDIUM | CVE-2023-25661 | TensorFlow is an Open Source Machine Learning... | 6.5 | | tensorflow | Mar 27 |
| HIGH | CVE-2023-27579 | TensorFlow is an end-to-end open source platform... | 7.5 | | tensorflow | Mar 25 |
| HIGH | CVE-2023-25801 | TensorFlow is an open source machine learning... | 7.8 | | tensorflow | Mar 25 |
| HIGH | CVE-2023-25676 | TensorFlow is an open source machine learning... | 7.5 | | tensorflow | Mar 25 |
| HIGH | CVE-2023-25675 | TensorFlow is an open source machine learning... | 7.5 | | tensorflow | Mar 25 |
| HIGH | CVE-2023-25674 | TensorFlow is an open source machine learning... | 7.5 | | tensorflow | Mar 25 |
| HIGH | CVE-2023-25673 | TensorFlow is an open source platform for machine... | 7.5 | | tensorflow | Mar 25 |
| HIGH | CVE-2023-25672 | TensorFlow is an open source platform for machine... | 7.5 | | tensorflow | Mar 25 |

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
