AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
- 1,604 AI/ML CVEs Tracked
- 225 Critical
- 76 New This Week
- 16 In CISA KEV
Latest AI Security Threats
Showing 20 of 512 results — has patch

| Severity | E | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|---|
| MEDIUM | E | CVE-2025-0508 | SageMaker SDK: MD5 collision silently replaces ML workflows | 5.9 | 0.1% | sagemaker | Mar 20 |
| HIGH | | CVE-2024-9606 | LiteLLM: API key leakage in logs exposes credentials | 7.5 | 0.2% | litellm | Mar 20 |
| HIGH | E | CVE-2024-8984 | litellm: unauthenticated DoS via multipart boundary parsing | 7.5 | 0.6% | litellm | Mar 20 |
| HIGH | E | CVE-2024-8060 | OpenWebUI: path traversal RCE via audio upload API | 8.1 | 2.1% | open-webui | Mar 20 |
| CRITICAL | E | CVE-2024-8019 | pytorch-lightning: file upload RCE (Windows) | 9.1 | 2.1% | pytorch-lightning | Mar 20 |
| HIGH | | GHSA-6wj5-5pgr-jwq8 | open-webui: DoS via malformed multipart boundary | 7.5 | — | open-webui | Mar 20 |
| HIGH | E | CVE-2024-7806 | Open-WebUI: CSRF enables RCE via pipeline code injection | 8.0 | 1.8% | open-webui | Mar 20 |
| HIGH | E | CVE-2024-7776 | ONNX: path traversal in download_model enables RCE | 8.1 | 5.3% | onnx | Mar 20 |
| HIGH | E | CVE-2024-6982 | lollms: RCE via eval() sandbox bypass in Calculate | 8.4 | 0.1% | lollms | Mar 20 |
| MEDIUM | E | CVE-2024-12910 | llama-index: DoS via infinite recursion in web reader | 5.9 | 0.4% | llama-index | Mar 20 |
| CRITICAL | E | CVE-2024-11958 | llama-index DuckDB retriever: SQLi enables RCE | 9.8 | 4.1% | llama-index-retrievers-duckdb-retriever | Mar 20 |
| MEDIUM | E | CVE-2024-10940 | langchain-core: file read via prompt template inputs | 5.3 | 0.3% | langchain-core | Mar 20 |
| HIGH | | CVE-2024-10188 | litellm: unauthenticated DoS crashes LLM proxy server | 7.5 | 0.3% | litellm | Mar 20 |
| MEDIUM | E | CVE-2025-1944 | picklescan: ZIP spoof lets malicious PyTorch models bypass scan | 6.5 | 0.1% | picklescan | Mar 10 |
| MEDIUM | | CVE-2025-1979 | Ray: Redis password exposed via plaintext logging | 6.4 | 0.1% | ray | Mar 6 |
| CRITICAL | E | CVE-2025-25362 | spacy-llm: SSTI allows unauthenticated RCE (CVSS 9.8) | 9.8 | 0.0% | spacy-llm | Mar 5 |
| MEDIUM | E | CVE-2025-1716 | picklescan: scanner bypass enables supply chain RCE | — | 16.2% | picklescan | Mar 3 |
| MEDIUM | E | CVE-2025-1889 | picklescan: extension bypass enables RCE on model load | — | 0.1% | picklescan | Mar 3 |
| HIGH | | CVE-2025-25297 | Label Studio: SSRF via S3 endpoint exposes internal services | 8.6 | 0.1% | label-studio | Feb 14 |
| MEDIUM | E | CVE-2025-25296 | Label Studio: reflected XSS via label_config param | 6.1 | 20.0% | label-studio | Feb 14 |