AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

76

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited

Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 512 results — has patch

Severity CVE ID Summary CVSS EPSS Package Date

MEDI GHSA-3gf5-cxq9-w223 picklescan: scanner bypass enables pickle RCE in ML models — — picklescan Aug 26 MEDI GHSA-j343-8v2j-ff7w picklescan: scanner bypass allows pickle-based RCE — — picklescan Aug 26 MEDI GHSA-m869-42cg-3xwr picklescan: scanner bypass enables RCE via ML models — — picklescan Aug 26 MEDI GHSA-p9w7-82w4-7q8m picklescan: detection bypass allows pickle RCE in ML pipelines — — picklescan Aug 26 MEDI GHSA-xp4f-hrf8-rxw7 picklescan: scanner bypass leads to undetected RCE — — picklescan Aug 26 MEDI GHSA-4whj-rm5r-c2v8 picklescan: scanner bypass enables PyTorch gadget RCE — — picklescan Aug 26 MEDI GHSA-9xph-j2h6-g47v picklescan: scanner bypass enables RCE via model files — — picklescan Aug 26 MEDI GHSA-8r4j-24qv-fmq9 picklescan: RCE bypass enables ML supply chain attack — — picklescan Aug 26 MEDI GHSA-cj3c-v495-4xqh picklescan: security bypass enables RCE in ML pipelines — — picklescan Aug 26 MEDI GHSA-7cq8-mj8x-j263 picklescan: detection bypass allows malicious pickle RCE — — picklescan Aug 26 MEDI GHSA-6w4w-5w54-rjvr picklescan: detection bypass allows RCE via ML model files — — picklescan Aug 26 MEDI GHSA-3vg9-h568-4w9m picklescan: RCE bypass via idlelib SetText evasion — — picklescan Aug 26 MEDI GHSA-f54q-57x4-jg88 picklescan: scanner bypass enables RCE in ML models — — picklescan Aug 26 MEDI GHSA-6vqj-c2q5-j97w picklescan: scanner bypass enables RCE via ML models — — picklescan Aug 26 MEDI GHSA-x696-vm39-cp64 picklescan: scan bypass allows RCE in ML pipelines — — picklescan Aug 26 MEDI GHSA-g344-hcph-8vgg picklescan: scanner bypass enables RCE in ML pipelines — — picklescan Aug 26 MEDI GHSA-5qwp-399c-mjwf picklescan: bypass enables undetected RCE in ML models — — picklescan Aug 26 HIGH E CVE-2025-5302 llama-index: JSON parsing DoS via deep recursion 8.6 0.1% llama-index-core Aug 26 HIGH E CVE-2025-57809 xgrammar: uncontrolled recursion in grammar parsing causes DoS 7.5 0.0% xgrammar Aug 25 MEDI GHSA-vv6j-3g6g-2pvj picklescan: PyTorch gadget bypasses scanner, enables RCE — — picklescan Aug 22

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial