AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

77

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 684 results — High severity
HIGH

label-studio-ml: PyTorch .pt deserialization RCE in YOLO loader

CVE-2025-5173
7.8
EPSS 0.1%
Supply Chain Code Execution Framework Model
label-studio-ml CWE-502 1 4 ATLAS
HIGH EXPLOIT AVAIL

transformers: ReDoS in testing_utils causes DoS

CVE-2025-2099
7.5
EPSS 0.1%
DoS Framework
transformers CWE-1333 7.9K 3 ATLAS
HIGH EXPLOIT AVAIL

Label Studio: XSS enables unauthorized actions via CSRF

CVE-2025-47783
--
EPSS 0.2%
Code Execution Data Leakage Social Engineering Framework Training Data
label-studio Patch: 1.18.0 CWE-79 1 5 ATLAS
HIGH EXPLOIT AVAIL

llama_index: DoS via uncapped recursion in web reader

CVE-2025-1752
7.5
EPSS 0.2%
DoS Framework RAG
llama-index Patch: 0.12.21 CWE-400 229 3 ATLAS
HIGH

TensorFlow Serving: JSON recursion DoS on inference API

CVE-2025-0649
7.5
EPSS 0.1%
DoS Inference API Framework
tensorflow_serving CWE-787 3.7K 3 ATLAS
HIGH

vLLM: pickle RCE in multi-node inference deployments

CVE-2025-30165
8.0
EPSS 1.3%
Code Execution Inference Framework
vllm CWE-502 127 3 ATLAS
HIGH EXPLOIT AVAIL

LLaMA-Factory: RCE via torch.load() unsafe deserialization

CVE-2025-46567
7.8
EPSS 0.2%
Code Execution Supply Chain Framework Training Data
llamafactory Patch: 0.9.3 CWE-502 1 5 ATLAS
HIGH EXPLOIT AVAIL

vLLM: DoS via quadratic multimodal tokenizer input

CVE-2025-46560
7.5
EPSS 0.6%
DoS Inference Framework
vllm CWE-1333 127 3 ATLAS
HIGH EXPLOIT AVAIL

vLLM: ZeroMQ socket exposure enables DoS in multi-node

CVE-2025-30202
7.5
EPSS 0.4%
DoS Data Leakage Inference Framework
vllm CWE-770 127 4 ATLAS
HIGH EXPLOIT AVAIL

picklescan: scanner bypass enables DNS data exfiltration

CVE-2025-46417
--
EPSS 0.2%
Supply Chain Data Extraction Data Leakage Framework Model
picklescan Patch: 0.0.25 CWE-184 3 6 ATLAS
HIGH EXPLOIT AVAIL

jupyterlab-git: command injection via malicious repo name

CVE-2025-30370
7.4
EPSS 0.1%
Code Execution Supply Chain Framework Plugin
CWE-78 4 ATLAS
HIGH

Mesop: class pollution enables DoS and LLM jailbreak

CVE-2025-30358
8.1
EPSS 2.4%
Jailbreak DoS Auth Bypass Framework Agent
CWE-915 6 ATLAS
HIGH EXPLOIT AVAIL

litellm: privilege escalation viewer→proxy admin via bad API key

CVE-2025-0628
8.1
EPSS 0.3%
Auth Bypass Data Extraction API Framework
litellm Patch: 1.61.15 CWE-266 4 4 ATLAS
HIGH EXPLOIT AVAIL

LiteLLM: Langfuse API key leak via error handling

CVE-2025-0330
7.5
EPSS 0.5%
Data Leakage Auth Bypass Data Extraction Framework API Inference
litellm CWE-1230 4 4 ATLAS
HIGH

open-webui: DoS via unauthenticated multipart parsing

GHSA-5ccf-884p-4jjq
7.5
DoS Inference RAG Framework
open-webui CWE-400 3 ATLAS
HIGH

LiteLLM: API key leakage in logs exposes credentials

CVE-2024-9606
7.5
EPSS 0.2%
Data Leakage Data Extraction Auth Bypass Framework API Agent
litellm Patch: 1.44.12 CWE-117 4 5 ATLAS
HIGH EXPLOIT AVAIL

litellm: unauthenticated DoS via multipart boundary parsing

CVE-2024-8984
7.5
EPSS 0.6%
DoS API Framework Inference
litellm Patch: 1.56.2 CWE-400 4 3 ATLAS
HIGH EXPLOIT AVAIL

Open-WebUI: unauthenticated PDF endpoint enables DoS

CVE-2024-8053
7.5
EPSS 0.7%
Auth Bypass DoS API Inference
open-webui CWE-287 3 ATLAS
HIGH EXPLOIT AVAIL

open-webui: unauthenticated DoS via markdown parser

CVE-2024-7983
7.5
EPSS 0.4%
DoS Auth Bypass API Framework
open-webui CWE-400 3 ATLAS
HIGH EXPLOIT AVAIL

open-webui: Stored XSS enables admin session hijack

CVE-2024-7990
8.4
EPSS 0.3%
Code Execution Data Extraction Auth Bypass Framework API
open-webui CWE-79 3 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial