AI Threat Alert
AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked
Critical
New This Week
In CISA KEV
Latest AI Security Threats
Showing 20 of 570 results — Medium severityPyTorch: memory corruption in RNN pad_packed_sequence
CVE-2025-2998 PyTorch: DoS via mkldnn_max_pool2d resource leak
CVE-2025-2953 openairinterface5g: segfault enables DoS via crafted UE message
CVE-2025-26265 SageMaker SDK: MD5 collision silently replaces ML workflows
CVE-2025-0508 open-webui: missing authz exposes admin prompts
CVE-2024-7045 Open WebUI: missing authz leaks admin credentials
CVE-2024-7046 Open WebUI: CSRF wipes RAG DB and AI memories via GET
CVE-2024-7035 Open WebUI: Stored XSS via file upload, session hijack
CVE-2024-7044 open-webui: path traversal allows arbitrary file write/RCE
CVE-2024-7034 open-webui: path traversal allows file write and RCE
CVE-2024-7033 llama-index: DoS via infinite recursion in web reader
CVE-2024-12910 BentoML: open redirect exposes ML teams to phishing
GHSA-564p-rx2q-4c8v MLflow: passwordless accounts enable persistent backdoor
CVE-2025-1474 Gradio: open redirect exposes AI demo users to phishing
CVE-2024-8021 MLflow: unconstrained input causes UI denial of service
CVE-2024-6838 TorchServe: unverified S3 bucket exposes benchmark data
CVE-2024-6577 Gradio: NTFS ADS bypass exposes blocked file paths
CVE-2024-12217 langchain-core: file read via prompt template inputs
CVE-2024-10940 vLLM: DoS via unbounded grammar cache exhausts disk
CVE-2025-29770 picklescan: ZIP spoof lets malicious PyTorch models bypass scan
CVE-2025-1944 Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
Start 14-Day Free Trial