AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
Latest AI Security Threats
Showing 50 of 167 results
GHSA-x696-vm39-cp64 Picklescan has a missing detection when calling built-in python profile.Profile.run
GHSA-g344-hcph-8vgg Picklescan has a missing detection when calling built-in python trace.Trace.runctx
GHSA-5qwp-399c-mjwf Picklescan has a missing detection when calling built-in python trace.Trace.run
CVE-2025-5302 LlamaIndex affected by a Denial of Service (DOS) in JSONReader
CVE-2025-57809 XGrammar affected by Denial of Service by infinite recursion grammars
GHSA-vv6j-3g6g-2pvj Picklescan missing detection when calling pytorch function torch.utils._config_module.load_config
GHSA-vr7h-p6mm-wpmh Picklescan missing detection when calling pytorch function torch.jit.unsupported_tensor_ops.execWrapper
GHSA-h3qp-7fh3-f8h4 Picklescan missing detection when calling pytorch function torch.utils.data.datapipes.utils.decoder.basichandlers
GHSA-f745-w6jp-hpxx Picklescan missing detection when calling pytorch function torch.utils.collect_env.run
GHSA-f4x7-rfwp-v3xw Picklescan missing detection when calling pytorch function torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression
GHSA-86cj-95qr-2p4f Picklescan missing detection when calling pytorch function torch._dynamo.guards.GuardBuilder.get
GHSA-4r9r-ch6f-vxmx Picklescan missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_cprofile
CVE-2025-9141 vLLM has remote code execution vulnerability in the tool call parser for Qwen3-Coder
GHSA-9gvj-pp9x-gcfr Picklescan has pickle parsing logic flaw that leads to malicious pickle file bypass
CVE-2025-30404 ExecuTorch integer overflow vulnerability
CVE-2025-54950 ExecuTorch out-of-bounds access vulnerability
CVE-2025-54951 ExecuTorch vulnerable to Heap-based Buffer Overflow
CVE-2025-54949 ExecuTorch heap buffer overflow vulnerability
CVE-2025-30405 ExecuTorch integer overflow vulnerability
CVE-2025-30402 ExecuTorch vulnerable to Heap-based Buffer Overflow attack
CVE-2025-6211 LlamaIndex vulnerable to data loss through hash collisions in its DocugamiReader class
CVE-2025-6209 LlamaIndex vulnerable to Path Traversal attack through its encode_image function
CVE-2025-5472 LlamaIndex vulnerable to DoS attack through uncontrolled recursive JSON parsing
CVE-2025-3108 LlamaIndex has Incomplete Documentation of Program Execution related to JsonPickleSerializer component
CVE-2025-52967 gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.
CVE-2025-1793 llama_index vulnerable to SQL Injection
GHSA-j828-28rj-hfhp vLLM vulnerable to Regular Expression Denial of Service
CVE-2025-47783 label-studio vulnerable to Cross-Site Scripting (Reflected) via the label_config parameter.
CVE-2025-1752 LlamaIndex Vulnerable to Denial of Service (DoS)
CVE-2025-47241 Browser Use allows bypassing `allowed_domains` by putting a decoy domain in http auth username portion of a URL
CVE-2025-46567 LLama Factory enables fine-tuning of large language models. Prior to version 1.0.0, a critical vulnerability exists in the `llamafy_baichuan2.py` script of the LLaMA-Factory project. The script...
GHSA-ggpf-24jw-3fcw CVE-2025-24357 Malicious model remote code execution fix bypass with PyTorch < 2.6.0
GHSA-hf3c-wxg2-49q9 vLLM vulnerable to Denial of Service by abusing xgrammar cache
CVE-2025-32381 xgrammar Vulnerable to Denial of Service (DoS) by abusing unbounded cache in memory
GHSA-v7x6-rv5q-mhwc Picklescan missing detection when calling built-in python library function timeit.timeit()
GHSA-fj43-3qmq-673f Picklescan failed to detect some unsafe global functions in the NumPy library
CVE-2025-46417 Picklescan Vulnerable to Exfiltration via DNS via linecache and ssl.get_server_certificate
CVE-2025-0508 SageMaker Workflow component allows possibility of MD5 hash collisions
CVE-2025-0628 LiteLLM Has an Improper Authorization Vulnerability
CVE-2024-9606 LiteLLM Reveals Portion of API Key via a Logging File
CVE-2024-8984 LiteLLM Vulnerable to Denial of Service (DoS) via Crafted HTTP Request
CVE-2024-8060 Open WebUI allows Remote Code Execution via Arbitrary File Upload to /audio/api/v1/transcriptions
CVE-2024-7776 Open Neural Network Exchange (ONNX) Path Traversal Vulnerability
CVE-2024-8019 PyTorch Lightning path traversal vulnerability
GHSA-6wj5-5pgr-jwq8 Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability in api/chat/file
CVE-2024-7806 Open WebUI Cross-Site Request Forgery (CSRF) Vulnerability
CVE-2024-6982 LoLLMS Code Injection vulnerability
CVE-2024-12910 LlamaIndex Uncontrolled Resource Consumption vulnerability
CVE-2024-10940 A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from...
CVE-2024-10188 A vulnerability in BerriAI/litellm, as of commit 26c03c9, allows unauthenticated users to cause a Denial of Service (DoS) by exploiting the use of ast.literal_eval to parse user input. This function...