AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs tracked: 1,604
Critical: 225
New this week: 76
In CISA KEV: 16
Latest AI Security Threats
Showing 20 of 1604 results.

| Severity | E | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|---|
| Critical | E | CVE-2025-1793 | llama_index: SQL injection in vector store integrations | 9.8 | 0.1% | llama-index | Jun 5 |
| High | E | CVE-2025-30167 | jupyter_core: config hijack enables cross-user code exec | 7.3 | 0.1% | — | Jun 4 |
| Medium | E | CVE-2025-48944 | vLLM: input validation DoS crashes inference worker | 6.5 | 0.3% | vllm | May 30 |
| Medium | E | CVE-2025-48943 | vLLM: ReDoS crashes inference server via malformed regex | 6.5 | 0.2% | vllm | May 30 |
| Medium | E | CVE-2025-48942 | vLLM: DoS via malformed JSON schema guided param | 6.5 | 0.2% | vllm | May 30 |
| Medium | E | CVE-2025-48887 | vLLM: ReDoS in tool parser causes service outage | 6.5 | 0.3% | vllm | May 30 |
| High | E | CVE-2025-48889 | Gradio: unauthenticated file copy enables disk DoS | 7.5 | 1.5% | gradio | May 30 |
| High | | CVE-2025-46722 | vLLM: image hash collision enables multimodal cache leakage | 7.3 | 0.2% | vllm | May 29 |
| Low | | CVE-2025-46570 | vLLM: timing side-channel leaks prompt cache data | 2.6 | 0.2% | vllm | May 29 |
| Low | E | CVE-2025-5320 | Gradio: CORS origin bypass in ML UI handler | 3.7 | 0.1% | gradio | May 29 |
| Medium | | GHSA-j828-28rj-hfhp | vllm: ReDoS in inference endpoints enables DoS | 4.3 | — | vllm | May 28 |
| High | E | CVE-2025-1753 | llama-index-cli: OS command injection enables RCE | 7.8 | 0.1% | llama-index | May 28 |
| High | | CVE-2025-5173 | label-studio-ml: PyTorch .pt deserialization RCE in YOLO loader | 7.8 | 0.1% | label-studio-ml | May 26 |
| Critical | E | CVE-2025-47277 | vLLM: RCE via exposed TCPStore in distributed inference | 9.8 | 0.9% | vllm | May 20 |
| High | E | CVE-2025-2099 | transformers: ReDoS in testing_utils causes DoS | 7.5 | 0.1% | transformers | May 19 |
| Unknown | E | CVE-2025-1975 | Ollama: DoS via malicious manifest in /api/pull | — | 0.5% | ollama | May 16 |
| High | E | CVE-2025-47783 | Label Studio: XSS enables unauthorized actions via CSRF | — | 0.2% | label-studio | May 15 |
| High | E | CVE-2025-1752 | llama_index: DoS via uncapped recursion in web reader | 7.5 | 0.2% | llama-index | May 10 |
| High | | CVE-2025-0649 | TensorFlow Serving: JSON recursion DoS on inference API | 7.5 | 0.1% | tensorflow_serving | May 6 |
| High | | CVE-2025-30165 | vLLM: pickle RCE in multi-node inference deployments | 8.0 | 1.3% | vllm | May 6 |