AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,625

AI/ML CVEs Tracked

230

Critical

87

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 569 results — Medium severity
Severity CVE ID Summary CVSS EPSS Package Date
MEDI E CVE-2024-1455 LangChain: Billion Laughs XML expansion causes DoS 5.9 0.1% langchain Mar 26 MEDI CVE-2023-30767 Intel TF Opt: buffer overflow enables local privesc 6.7 0.1% optimization_for_tensorflow Feb 14 MEDI E CVE-2023-6568 MLflow: reflected XSS via Content-Type header injection 6.1 33.4% mlflow Dec 7 MEDI CVE-2023-48299 TorchServe: ZipSlip arbitrary file write via model upload 5.3 0.4% torchserve Nov 21 MEDI CVE-2023-41626 Gradio: arbitrary file upload via /upload endpoint 4.8 0.1% gradio Sep 15 MEDI E CVE-2023-34094 ChuanhuChatGPT: config exposure leaks API keys 5.3 0.3% chuanhuchatgpt Jun 2 MEDI E CVE-2023-2800 Transformers: temp file race condition allows local DoS 4.7 0.0% transformers May 18 MEDI E CVE-2023-27562 n8n: path traversal allows arbitrary file read 6.5 1.1% n8n May 10 MEDI E CVE-2023-1651 AI ChatBot WP: auth bypass exposes OpenAI config + XSS 5.4 0.2% wpbot May 8 MEDI E CVE-2023-25661 TensorFlow: DoS via malformed Convolution3D input 6.5 0.2% tensorflow Mar 27 MEDI CVE-2023-27494 Streamlit: reflected XSS enables session hijacking 6.1 0.7% streamlit Mar 16 MEDI E CVE-2022-36551 Label Studio: SSRF + file read, self-reg bypass 6.5 9.2% label-studio Oct 4 MEDI CVE-2022-35918 Streamlit: path traversal leaks server filesystem 6.5 1.4% streamlit Aug 1 MEDI E CVE-2022-29213 TensorFlow: input validation DoS in FFT signal ops 5.5 0.1% tensorflow May 21 MEDI E CVE-2022-29212 TensorFlow Lite: quantization assert crash (DoS) 5.5 0.1% tensorflow May 21 MEDI E CVE-2022-29211 TensorFlow: NaN input crashes histogram op (CPU DoS) 5.5 0.1% tensorflow May 21 MEDI CVE-2022-29210 TensorFlow: heap OOB in TensorKey causes DoS 5.5 0.0% tensorflow May 21 MEDI E CVE-2022-29209 TensorFlow: CHECK macro type confusion causes DoS 5.5 0.1% tensorflow May 21 MEDI E CVE-2022-29206 TensorFlow: SparseTensorDenseAdd null ptr deref DoS 5.5 0.1% tensorflow May 20 MEDI E CVE-2022-29205 TensorFlow: NULL deref DoS via compat.v1 ops 5.5 0.1% tensorflow May 20

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial