AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 684 results — High severity
HIGH EXPLOIT AVAIL

TensorFlow: heap OOB read in quantize ops, DoS+leak

CVE-2021-41205
7.1
EPSS 0.0%
DoS Data Leakage Framework Training Data Inference
tensorflow CWE-125 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: malformed checkpoint triggers overflow/crash

CVE-2021-41203
7.8
EPSS 0.0%
Supply Chain Code Execution DoS Framework Training Data
tensorflow CWE-190 3.7K 4 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: heap OOB read in SparseCountSparseOutput

CVE-2021-41210
7.1
EPSS 0.0%
Data Extraction Code Execution DoS Framework Training Data
tensorflow CWE-125 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: uninitialized var in Einsum allows local RCE

CVE-2021-41201
7.8
EPSS 0.0%
Code Execution Framework Inference
tensorflow CWE-824 3.7K 3 ATLAS
HIGH

nbgitpuller: RCE via OS command injection in git URLs

CVE-2021-39160
8.8
EPSS 0.8%
Code Execution Supply Chain Framework Training Data
CWE-78 5 ATLAS
HIGH

TFLite: uninitialized quant params corrupt inference

CVE-2021-37682
7.1
EPSS 0.0%
Code Execution DoS Supply Chain Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow: heap over-read leaks memory via RaggedTensor

CVE-2021-37679
7.8
EPSS 0.0%
Data Leakage Code Execution Framework Training Data
tensorflow CWE-681 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow/Keras: RCE via YAML model deserialization

CVE-2021-37678
8.8
EPSS 1.0%
Code Execution Supply Chain Framework Model
tensorflow CWE-502 3.7K 4 ATLAS
HIGH

TensorFlow MKL: null-ptr/heap-OOB in requantization ops

CVE-2021-37665
7.8
EPSS 0.0%
Code Execution DoS Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow: QuantizeV2 heap OOB/null-deref in quantization

CVE-2021-37663
7.8
EPSS 0.0%
Code Execution DoS Framework Training Data Inference
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow Lite: null ptr deref crashes SVDF inference

CVE-2021-37681
7.8
EPSS 0.0%
Code Execution DoS Framework Inference
tensorflow 3.7K 4 ATLAS
HIGH

TensorFlow: null ptr deref in SparseFillEmptyRows op

CVE-2021-37676
7.8
EPSS 0.0%
Code Execution DoS Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow: null-ptr deref in Map ops, local C/I/A:High

CVE-2021-37671
7.8
EPSS 0.0%
DoS Code Execution Framework Training Data Inference
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow: UnicodeEncode null deref, local code exec

CVE-2021-37667
7.8
EPSS 0.0%
Code Execution DoS Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow: null-ptr deref in RaggedTensorToVariant op

CVE-2021-37666
7.8
EPSS 0.0%
Code Execution DoS Framework Training Data
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow: double-free in BoostedTrees, code exec

CVE-2021-37652
7.8
EPSS 0.0%
Code Execution Framework Training Data
tensorflow CWE-415 3.7K 3 ATLAS
HIGH

TensorFlow SaveV2: null ptr deref, local crash/RCE

CVE-2021-37648
7.8
EPSS 0.0%
Code Execution DoS Framework Training Data
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow: heap OOB read in BoostedTrees ops

CVE-2021-37664
7.1
EPSS 0.0%
Data Extraction DoS Framework Training Data
tensorflow 3.7K 4 ATLAS
HIGH

TensorFlow: null deref in BoostedTrees training ops

CVE-2021-37662
7.8
EPSS 0.1%
Code Execution DoS Framework Training Data
tensorflow 3.7K 3 ATLAS
HIGH

TensorFlow: heap OOB in cwise ops enables local RCE

CVE-2021-37659
7.8
EPSS 0.0%
Code Execution DoS Framework Inference
tensorflow 3.7K 3 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial