AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

AI/ML CVEs Tracked: 1,140
Critical: 171
New This Week: 228
In CISA KEV: 2

Weekly CISO Take + top threats

Get the week's most critical AI security threats delivered every Monday. Free, no spam.

Latest AI Security Threats

Showing 17 of 167 results (filter: has patch)
MEDIUM CVE-2025-1944
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP...
CVSS 6.5 | EPSS 0.1% | picklescan | Patch: 0.0.23 | CWE-345

MEDIUM CVE-2025-1979
ray vulnerable to Insertion of Sensitive Information into Log File
CVSS 6.4 | EPSS 0.0% | ray | Patch: 2.43.0 | CWE-532

MEDIUM CVE-2025-1716
Picklescan Allows Remote Code Execution via Malicious Pickle File Bypassing Static Analysis
EPSS 4.2% | picklescan | Patch: 0.0.22 | CWE-184

MEDIUM CVE-2025-1889
PyTorch Model Files Can Bypass Pickle Scanners via Unexpected Pickle Extensions
EPSS 0.0% | picklescan | Patch: 0.0.22 | CWE-646

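The three picklescan entries above are one failure seen from three angles: a scanner that decides what to inspect by file name (CVE-2025-1889), a denylist of dangerous imports that is incomplete (CVE-2025-1716), and a scanner that can be crashed by a malformed archive instead of failing closed (CVE-2025-1944). The script below is an added example, not code from picklescan, PyTorch or this feed. It builds a small ZIP in the shape of a PyTorch checkpoint, hides a pickle behind a .txt member, and compares an extension-keyed scan with a content-keyed one. The archive, the Payload class, the member names and the UNSAFE_GLOBALS denylist are all constructed for the demo; nothing is ever unpickled, streams are only disassembled with pickletools.

```python
"""Content-based pickle detection in a PyTorch-style ZIP checkpoint.

Added example; not code from picklescan, PyTorch or this feed. The archive,
the Payload class, the member names and the UNSAFE_GLOBALS denylist are all
constructed for the demo. Nothing is ever unpickled: streams are only
disassembled with pickletools.
"""
import io
import pickle
import pickletools
import zipfile
from pathlib import PurePosixPath

# Demo denylist (picklescan's real list is much longer). Both spellings of the
# builtins module are needed: protocol <= 2 pickles write "__builtin__".
UNSAFE_GLOBALS = {
    ("builtins", "eval"), ("__builtin__", "eval"),
    ("builtins", "exec"), ("__builtin__", "exec"),
    ("os", "system"), ("posix", "system"), ("subprocess", "Popen"),
}
MALFORMED = ("<malformed>", "<malformed>")   # sentinel: undecodable stream, fail closed
PICKLE_EXTENSIONS = {".pkl", ".pickle", ".pt", ".pth", ".bin"}  # what an extension-keyed scan trusts


class Payload:
    """Constructed object whose __reduce__ would call builtins.eval on load."""
    def __reduce__(self):
        return (eval, ("__import__('os').getcwd()",))


def looks_like_pickle(data: bytes) -> bool:
    """Protocol 2..5 streams open with PROTO (0x80) followed by the protocol byte."""
    return len(data) >= 2 and data[0] == 0x80 and 2 <= data[1] <= 5


def globals_in_pickle(data: bytes) -> set:
    """Every (module, name) the stream would import, found by disassembly only.

    GLOBAL carries "module name" in its argument; STACK_GLOBAL (protocol 4+)
    consumes the two most recently pushed strings. Tracking only pushed
    strings is a simplification of a full pickle-VM stack model.
    """
    found, strings = set(), []
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.add((module, name))
        elif op.name in ("SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"):
            strings.append(arg)
        elif op.name == "STACK_GLOBAL":
            name, module = strings.pop(), strings.pop()
            found.add((module, name))
    return found


def scan_by_extension(zip_bytes: bytes) -> dict:
    """Naive scanner: only members whose name looks like a pickle are inspected."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if PurePosixPath(info.filename).suffix.lower() in PICKLE_EXTENSIONS:
                findings[info.filename] = globals_in_pickle(zf.read(info))
    return findings


def scan_by_content(zip_bytes: bytes) -> dict:
    """Content scanner: every member is sniffed; an undecodable stream is flagged, not skipped."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            data = zf.read(info)
            if not looks_like_pickle(data):
                continue
            try:
                findings[info.filename] = globals_in_pickle(data)
            except Exception:          # truncated or corrupted stream: fail closed
                findings[info.filename] = {MALFORMED}
    return findings


def unsafe_members(findings: dict) -> list:
    """Members whose imports hit the denylist (or that could not be decoded)."""
    return sorted(m for m, g in findings.items() if g & (UNSAFE_GLOBALS | {MALFORMED}))


def build_demo_archive() -> bytes:
    """Constructed checkpoint: benign data.pkl plus a pickle hidden behind a .txt name."""
    benign = pickle.dumps({"weights": [0.1, 0.2, 0.3]}, protocol=2)  # torch.save's default protocol
    hidden = pickle.dumps(Payload(), protocol=4)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("model/data.pkl", benign)
        zf.writestr("model/version", b"3\n")
        zf.writestr("model/weights.txt", hidden)
    return buf.getvalue()


def demo() -> dict:
    """Run both scanners over the demo archive and report what each one flags."""
    archive = build_demo_archive()
    return {
        "by_extension": unsafe_members(scan_by_extension(archive)),
        "by_content": unsafe_members(scan_by_content(archive)),
        "protocol2_global": sorted(globals_in_pickle(pickle.dumps(Payload(), protocol=2))),
    }


if __name__ == "__main__":
    print(demo())
```

Two details matter in practice. A pickle written with protocol 2 (what torch.save emits by default) spells the builtins module as __builtin__, so a denylist that only knows the Python 3 name misses it; that is why both spellings are in UNSAFE_GLOBALS. And the header check only recognises protocol 2 and later, since protocol 0 and 1 streams carry no PROTO opcode; a production scanner needs a fallback for those, and the ZIP layer needs the same fail-closed treatment the pickle layer gets here, which is the point of the CVE-2025-1944 entry.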
HIGH CVE-2025-25297
Label Studio allows Server-Side Request Forgery in the S3 Storage Endpoint
CVSS 8.6 | EPSS 0.2% | label-studio | Patch: 1.16.0 | CWE-918

MEDIUM CVE-2025-25296
Label Studio allows Cross-Site Scripting (XSS) via GET request to `/projects/upload-example` endpoint
CVSS 6.1 | EPSS 4.4% | label-studio | Patch: 1.16.0 | CWE-79

CRITICAL CVE-2024-52803
LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises...
CVSS 9.8 | EPSS 2.4% | llamafactory | Patch: 0.9.1 | CWE-78

MEDIUM GHSA-26jh-r8g2-6fpr
Gradio's dropdown component pre-process step does not limit the values to those in the dropdown list
CVSS 5.3 | gradio | Patch: 5.0.0

HIGH CVE-2024-5187
onnx allows Arbitrary File Overwrite in download_model_with_test_data
CVSS 8.8 | EPSS 1.4% | onnx | Patch: 1.16.2 | CWE-22

MEDIUM CVE-2024-2965
Denial of service in langchain-community
CVSS 4.2 | EPSS 0.0% | langchain | Patch: 0.2.5 | CWE-400

CRITICAL CVE-2023-6020
Ray Missing Authorization vulnerability
CVSS 9.3 | EPSS 80.4% | ray | Patch: 2.8.1 | CWE-598

CRITICAL CVE-2023-6021
Ray Path Traversal vulnerability
CVSS 9.3 | EPSS 87.3% | ray | Patch: 2.8.1 | CWE-22

CRITICAL CVE-2023-6019
Ray OS Command Injection vulnerability
CVSS 9.8 | EPSS 88.7% | ray | Patch: 2.8.1 | CWE-78

CRITICAL CVE-2023-32785
Langchain SQL Injection vulnerability
CVSS 9.8 | langchain | Patch: 0.0.247 | CWE-74

MEDIUM CVE-2022-36551
Heartex - Label Studio Community Edition vulnerable to SSRF in the Data Import module
CVSS 6.5 | EPSS 4.7% | label-studio | Patch: 1.6.0 | CWE-918

MEDIUM CVE-2018-21030
Cross-site scripting in Jupyter Notebook
CVSS 5.3 | EPSS 0.4% | notebook | Patch: 5.5.0rc1 | CWE-79

HIGH CVE-2018-8768
Jupyter Notebook file bypasses sanitization, executes JavaScript
CVSS 7.8 | EPSS 0.1% | notebook | Patch: 5.4.1
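What a consumer of this feed needs from each entry is the package name and the fixed version, so "does this apply to me?" reduces to a version comparison, and the ordering of whatever remains should follow likelihood of exploitation (EPSS) before severity (CVSS). The script below is an added example, not the feed's own code. ENTRIES is transcribed from the 17 cards above exactly as the feed shows them (including CVE-2024-2965 listed under langchain although its title names langchain-community), FREEZE is a constructed pip-freeze-style snapshot, and the version parser covers only the X.Y.Z plus aN/bN/rcN forms that appear in this list. The feed does not mark which of its entries are in CISA KEV, so that flag is not modelled here.

```python
"""Triage of the feed entries above against an installed-package inventory.

Added example, not the feed's own code. ENTRIES is transcribed from the list
above; FREEZE is a constructed snapshot. An entry applies when the installed
version is older than the patch version; hits are ordered by EPSS, then CVSS,
so the entries most likely to be exploited come first.
"""
import re

# (id, package, patch version, CVSS, EPSS %) as shown in the feed; None = no score shown
ENTRIES = [
    ("CVE-2025-1944", "picklescan", "0.0.23", 6.5, 0.1),
    ("CVE-2025-1979", "ray", "2.43.0", 6.4, 0.0),
    ("CVE-2025-1716", "picklescan", "0.0.22", None, 4.2),
    ("CVE-2025-1889", "picklescan", "0.0.22", None, 0.0),
    ("CVE-2025-25297", "label-studio", "1.16.0", 8.6, 0.2),
    ("CVE-2025-25296", "label-studio", "1.16.0", 6.1, 4.4),
    ("CVE-2024-52803", "llamafactory", "0.9.1", 9.8, 2.4),
    ("GHSA-26jh-r8g2-6fpr", "gradio", "5.0.0", 5.3, None),
    ("CVE-2024-5187", "onnx", "1.16.2", 8.8, 1.4),
    ("CVE-2024-2965", "langchain", "0.2.5", 4.2, 0.0),
    ("CVE-2023-6020", "ray", "2.8.1", 9.3, 80.4),
    ("CVE-2023-6021", "ray", "2.8.1", 9.3, 87.3),
    ("CVE-2023-6019", "ray", "2.8.1", 9.8, 88.7),
    ("CVE-2023-32785", "langchain", "0.0.247", 9.8, None),
    ("CVE-2022-36551", "label-studio", "1.6.0", 6.5, 4.7),
    ("CVE-2018-21030", "notebook", "5.5.0rc1", 5.3, 0.4),
    ("CVE-2018-8768", "notebook", "5.4.1", 7.8, 0.1),
]

# Constructed `pip freeze` output for the demo host
FREEZE = """\
ray==2.8.0
picklescan==0.0.22
label-studio==1.16.0
notebook==5.5.0rc1
langchain==0.0.200
"""

_VERSION = re.compile(r"^(\d+(?:\.\d+)*)(?:(a|b|rc)(\d+))?$")


def version_key(version: str) -> tuple:
    """Sortable key for the version forms in this list: X.Y.Z with optional aN/bN/rcN.

    Release segments are compared as integers and zero-padded, so 2.8 == 2.8.0
    and 1.15.0 > 1.6.0; a pre-release sorts below the final release of the same
    number (5.5.0rc1 < 5.5.0). Any other form raises rather than guessing.
    """
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unsupported version string: {version!r}")
    release = tuple(int(p) for p in m.group(1).split("."))
    release += (0,) * (5 - len(release))
    pre_rank = {"a": 0, "b": 1, "rc": 2}.get(m.group(2), 3)   # final release ranks highest
    pre_num = int(m.group(3)) if m.group(3) else 0
    return release + (pre_rank, pre_num)


def parse_freeze(text: str) -> dict:
    """Turn `name==version` lines into {name: version}; comments and other lines are ignored."""
    inventory = {}
    for line in text.splitlines():
        line = line.strip()
        if "==" in line and not line.startswith("#"):
            name, ver = line.split("==", 1)
            inventory[name.strip().lower()] = ver.strip()
    return inventory


def affected(inventory: dict, entries=ENTRIES) -> list:
    """IDs of entries whose package is installed below the patch version, most urgent first."""
    hits = [e for e in entries
            if e[1] in inventory and version_key(inventory[e[1]]) < version_key(e[2])]
    # Likely-exploited first: EPSS, then CVSS; a missing score counts as 0
    hits.sort(key=lambda e: (-(e[4] or 0.0), -(e[3] or 0.0)))
    return [e[0] for e in hits]


INVENTORY = parse_freeze(FREEZE)

if __name__ == "__main__":
    for cve_id in affected(INVENTORY):
        print(cve_id)
```

The numeric comparison is the part worth getting right: as strings, "1.15.0" sorts below "1.6.0", which would wrongly mark a label-studio 1.15.0 install as missing the 1.6.0 fix for CVE-2022-36551. The pre-release handling matters for the notebook entries, whose patch version 5.5.0rc1 must rank above 5.4.1 and below 5.5.0. A missing EPSS is treated as 0, so CVE-2023-32785 sorts on its CVSS alone; at 9.8 that still means upgrade, it just lands after the Ray entries whose EPSS is above 80%.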

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
