AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604 AI/ML CVEs Tracked
225 Critical
76 New This Week
16 In CISA KEV

Latest AI Security Threats

Showing 20 of 1604 results
| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| HIGH E | CVE-2025-48956 | vLLM: unauthenticated DoS via oversized HTTP header | 7.5 | 0.3% | vllm | Aug 21 |
| HIGH | CVE-2025-9141 | vLLM: RCE via eval() in Qwen3 Coder tool parser | 8.8 | | vllm | Aug 21 |
| MEDI | CVE-2025-57749 | n8n: symlink traversal enables arbitrary file read/write | 6.5 | 0.1% | n8n | Aug 20 |
| MEDI | CVE-2025-52478 | n8n: Stored XSS enables full account takeover | 5.4 | 0.0% | n8n | Aug 19 |
| HIGH | CVE-2025-23298 | Merlin Transformers4Rec: code injection via Python dep | 7.8 | 0.0% | | Aug 13 |
| HIGH | GHSA-9gvj-pp9x-gcfr | picklescan: detection bypass allows malicious pickle exec | | | picklescan | Aug 12 |
| UNKN | CVE-2025-55012 | Zed Agent Panel: AI agent RCE via permissions bypass | | 0.0% | | Aug 11 |
| HIGH E | CVE-2025-8747 | Keras: safe mode bypass enables RCE via model load | 7.8 | 0.0% | keras | Aug 11 |
| HIGH E | CVE-2025-54886 | skops: joblib fallback enables RCE via model load | 8.4 | 0.4% | skops | Aug 8 |
| CRIT | CVE-2025-30405 | ExecuTorch: integer overflow in model load → RCE | 9.8 | 0.2% | executorch | Aug 8 |
| CRIT | CVE-2025-30404 | ExecuTorch: integer overflow RCE on model load | 9.8 | 0.2% | executorch | Aug 8 |
| MEDI E | CVE-2025-54952 | ExecuTorch: integer overflow enables RCE via model loading | | 0.4% | executorch | Aug 8 |
| CRIT | CVE-2025-54951 | ExecuTorch: heap buffer overflow RCE in model loading | 9.8 | 0.3% | executorch | Aug 8 |
| CRIT E | CVE-2025-54950 | ExecuTorch: OOB read in model loader enables RCE | 9.8 | 0.3% | executorch | Aug 8 |
| CRIT | CVE-2025-54949 | ExecuTorch: heap buffer overflow RCE via model loading | 9.8 | 0.3% | executorch | Aug 8 |
| CRIT E | CVE-2025-53767 | Azure OpenAI: SSRF EoP, no auth required (CVSS 10) | 10.0 | 0.5% | azure_openai | Aug 7 |
| MEDI E | CVE-2025-44779 | Ollama: arbitrary file deletion via /api/pull | 6.6 | 0.0% | ollama | Aug 7 |
| MEDI E | CVE-2025-5197 | Transformers: ReDoS in TF-to-PyTorch weight converter | 5.3 | 0.0% | transformers | Aug 6 |
| CRIT E | CVE-2025-45150 | ChatGLM-Webui: arbitrary file read, no auth required | 9.8 | 0.1% | langchain-chatglm-webui | Aug 1 |
| HIGH | CVE-2025-7725 | WP Contest Gallery: Stored XSS exposes OpenAI API creds | 7.2 | 0.3% | | Aug 1 |

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
