AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Sourced from NVD, the GitHub Advisory Database, and the CISA Known Exploited Vulnerabilities (KEV) catalog.
1,604 AI/ML CVEs tracked
225 critical
76 new this week
16 in CISA KEV
Latest AI Security Threats
Showing 20 of 512 results (filter: has patch). The E flag is reproduced as shown on the page, which gives no legend for it; "n/a" marks a score the page did not list.

| Severity | E | ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|---|
| MEDIUM | E | CVE-2025-5472 | llama-index: JSONReader DoS via recursive JSON parsing | 6.5 | 0.2% | llama-index-core | Jul 7 |
| HIGH | E | CVE-2025-3046 | LlamaIndex Obsidian reader: symlink traversal exposes host files | 7.5 | 0.5% | llama-index-readers-obsidian | Jul 7 |
| MEDIUM | E | CVE-2025-3044 | llama-index ArxivReader: MD5 collision corrupts training data | 5.3 | 0.2% | llama-index-readers-papers | Jul 7 |
| HIGH | E | CVE-2025-3225 | llama-index Papers loader: XML expansion DoS | 7.5 | 0.3% | llama-index-readers-papers | Jul 7 |
| MEDIUM | E | CVE-2025-3108 | llama-index: RCE via unsafe pickle deserialization | 5.0 | 1.9% | llama-index-core | Jul 7 |
| MEDIUM | | CVE-2025-52967 | MLflow: unauthenticated SSRF in gateway proxy | 5.8 | 0.2% | mlflow | Jun 23 |
| CRITICAL | E | CVE-2025-1793 | llama_index: SQL injection in vector store integrations | 9.8 | 0.1% | llama-index | Jun 5 |
| MEDIUM | | GHSA-j828-28rj-hfhp | vllm: ReDoS in inference endpoints enables DoS | 4.3 | n/a | vllm | May 28 |
| HIGH | E | CVE-2025-47783 | Label Studio: XSS enables unauthorized actions via CSRF | n/a | 0.2% | label-studio | May 15 |
| HIGH | E | CVE-2025-1752 | llama_index: DoS via uncapped recursion in web reader | 7.5 | 0.2% | llama-index | May 10 |
| CRITICAL | E | CVE-2025-47241 | browser-use: URL allowlist bypass enables SSRF in agents | 9.3 | 0.2% | browser-use | May 5 |
| HIGH | E | CVE-2025-46567 | LLaMA-Factory: RCE via torch.load() unsafe deserialization | 7.8 | 0.2% | llamafactory | May 1 |
| CRITICAL | | GHSA-ggpf-24jw-3fcw | vLLM: RCE via malicious model, PyTorch < 2.6 bypass | 9.8 | n/a | vllm | Apr 23 |
| MEDIUM | | GHSA-hf3c-wxg2-49q9 | vLLM: DoS via unbounded XGrammar schema cache | 6.5 | n/a | vllm | Apr 15 |
| CRITICAL | E | CVE-2025-32428 | jupyter-remote-desktop-proxy: VNC network exposure | n/a | 0.2% | jupyter-remote-desktop-proxy | Apr 12 |
| MEDIUM | | CVE-2025-32381 | xgrammar: unbounded grammar cache causes LLM server DoS | 6.5 | 0.3% | xgrammar | Apr 9 |
| MEDIUM | | GHSA-v7x6-rv5q-mhwc | picklescan: bypass allows silent RCE in ML pipelines | n/a | n/a | picklescan | Apr 7 |
| MEDIUM | | GHSA-fj43-3qmq-673f | picklescan: numpy bypass enables RCE in ML model pipelines | n/a | n/a | picklescan | Apr 7 |
| HIGH | E | CVE-2025-46417 | picklescan: scanner bypass enables DNS data exfiltration | n/a | 0.2% | picklescan | Apr 7 |
| HIGH | E | CVE-2025-0628 | litellm: privilege escalation viewer→proxy admin via bad API key | 8.1 | 0.3% | litellm | Mar 20 |
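Several rows above share one root cause: a model file is a pickle stream, and a pickle stream can tell the loader to call any importable callable (CVE-2025-3108, CVE-2025-46567, GHSA-ggpf-24jw-3fcw), while the blocklist scanners meant to catch this keep getting bypassed (the three picklescan rows). The following is an added example, not code from the feed or from any of the listed projects: it builds a minimal malicious "model", shows that a plain `pickle.loads()` executes it, and shows the allowlist-based loader that refuses it. The checkpoint layout and the allowlist contents are illustrative assumptions for the demo, not a vetted production allowlist.

```python
"""Added example: why "RCE via unsafe pickle deserialization" recurs in ML
advisories, and the allowlist-style loader that stops it.

Assumptions (not from the page): the benign checkpoint layout and the
ALLOWED set below are illustrative choices for this demo only.
"""
import io
import pickle


class MaliciousModel:
    """A 'model' whose pickled form instructs the loader to call eval().

    __reduce__ is pickle's legitimate extension hook: it names a callable
    and its arguments, and the loader invokes them to rebuild the object.
    An attacker substitutes os.system / subprocess / socket calls; eval
    on a harmless string is used here so the demo is safe to run.
    """

    def __reduce__(self):
        return (eval, ("'code ran during load: ' + str(6 * 7)",))


def build_payload():
    """Bytes an attacker would ship as model.pkl or inside a .pt archive."""
    return pickle.dumps(MaliciousModel())


def benign_checkpoint():
    """Constructed sample checkpoint: plain containers and floats only."""
    return pickle.dumps({"layer.weight": [0.1, -0.2], "layer.bias": [0.0]})


def unsafe_load(data):
    """What pickle.loads() and torch.load(weights_only=False) do: run the stream."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Resolve only an explicit allowlist of globals; reject everything else.

    find_class() is consulted every time the stream asks for a class or
    callable (GLOBAL / STACK_GLOBAL opcodes), so a __reduce__ payload is
    refused before anything is invoked. Unlike a blocklist scanner, an
    unknown callable fails closed.
    """

    ALLOWED = {
        ("builtins", "dict"),
        ("builtins", "list"),
        ("collections", "OrderedDict"),
    }

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def restricted_load(data):
    """Return ('ok', obj) for allowlisted content, ('rejected', reason) otherwise."""
    try:
        return ("ok", RestrictedUnpickler(io.BytesIO(data)).load())
    except pickle.UnpicklingError as exc:
        return ("rejected", str(exc))


if __name__ == "__main__":
    payload = build_payload()
    print("unsafe_load     ->", unsafe_load(payload))
    print("restricted_load ->", restricted_load(payload))
    print("benign          ->", restricted_load(benign_checkpoint()))
```

The same allowlist idea is what `torch.load(weights_only=True)` implements, and PyTorch 2.6 made it the default, which is the "PyTorch < 2.6" condition in the vLLM row. A blocklist scanner such as picklescan only helps as a second layer: the Apr 7 rows are exactly the cases where the blocklist missed a callable path. Prefer a format that cannot carry code at all (safetensors) where the tooling allows it.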