AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 684 results — High severity
HIGH EXPLOIT AVAIL

TensorFlow: tf.reshape DoS via integer overflow

CVE-2022-35934
7.5
EPSS 0.0%
DoS Framework Inference
tensorflow CWE-617 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow CLI: eval() injection enables reverse shell

CVE-2022-29216
7.8
EPSS 0.2%
Code Execution Supply Chain Framework Inference
tensorflow 3.7K 4 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: OOB write in EditDistance enables local DoS

CVE-2022-29208
7.1
EPSS 0.1%
DoS Code Execution Framework
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

Gradio: CSV formula injection via flagging enables RCE

CVE-2022-24770
8.8
EPSS 0.6%
Code Execution Supply Chain Framework Inference
gradio 674 4 ATLAS
HIGH EXPLOIT AVAIL

MLflow: insecure temp file handling causes DoS

CVE-2022-0736
7.5
EPSS 0.6%
DoS Framework Training Data
mlflow 624 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow MLIR-TFRT: DoS via scalar shape segfault

CVE-2022-23593
7.5
EPSS 0.3%
DoS Framework Inference
tensorflow CWE-754 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: heap OOB read in type inference engine

CVE-2022-23592
8.1
EPSS 0.3%
Data Extraction DoS Code Execution Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: SavedModel stack overflow via recursive GraphDef

CVE-2022-23591
7.5
EPSS 0.3%
DoS Supply Chain Framework Model
tensorflow CWE-674 3.7K 4 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: DoS via malicious SavedModel GraphDef

CVE-2022-23590
7.5
EPSS 0.2%
DoS Supply Chain Framework Model Inference
tensorflow 3.7K 4 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: heap OOB read/write enables network RCE

CVE-2022-23574
8.8
EPSS 0.3%
Code Execution Supply Chain Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: uninitialized memory in AssignOp

CVE-2022-23573
8.8
EPSS 0.3%
Code Execution Data Leakage DoS Framework Inference Training Data
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: heap OOB write in Grappler, RCE risk

CVE-2022-23566
8.8
EPSS 0.4%
Code Execution Supply Chain Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow: Range integer overflow, RCE/DoS risk

CVE-2022-23562
8.8
EPSS 0.4%
Code Execution DoS Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow Lite: OOB write, arbitrary write primitive

CVE-2022-23561
8.8
EPSS 0.2%
Code Execution Supply Chain Framework Inference Model
tensorflow 3.7K 4 ATLAS
HIGH EXPLOIT AVAIL

TFLite: OOB read/write in sparse tensor → RCE

CVE-2022-23560
8.8
EPSS 0.3%
Code Execution Supply Chain Data Extraction Framework Model Inference
tensorflow 3.7K 4 ATLAS
HIGH EXPLOIT AVAIL

TFLite: integer overflow in embedding lookup → heap OOB RW

CVE-2022-23559
8.8
EPSS 0.5%
Supply Chain Code Execution Framework Inference
tensorflow CWE-190 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TFLite: integer overflow in model loading, RCE risk

CVE-2022-23558
8.8
EPSS 0.4%
Code Execution Supply Chain Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: heap overflow in sparse ops, RCE risk

CVE-2022-21740
8.8
EPSS 0.3%
Code Execution DoS Framework Inference
tensorflow CWE-787 3.7K 4 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: OOB read leaks heap memory, enables DoS

CVE-2022-21730
8.1
EPSS 0.3%
Data Extraction DoS Code Execution Framework Inference Training Data
tensorflow CWE-125 3.7K 4 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: heap OOB read in ReverseSequence op

CVE-2022-21728
8.1
EPSS 1.1%
DoS Data Leakage Framework Inference
tensorflow CWE-125 3.7K 3 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial