AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

76

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 1604 results
CRITICAL EXPLOIT AVAIL

llama-index finchat: SQL injection enables RCE

CVE-2024-12909
10.0
EPSS 4.1%
Code Execution Supply Chain Data Extraction Agent Framework Plugin
llama-index-packs-finchat CWE-89 229 5 ATLAS
HIGH

open-webui: DoS via starlette memory exhaustion

GHSA-w466-2wfc-8g58
7.5
DoS Supply Chain Framework API
open-webui CWE-400 2 ATLAS
MEDIUM EXPLOIT AVAIL

llama-index: DoS via infinite recursion in web reader

CVE-2024-12910
5.9
EPSS 0.4%
DoS Supply Chain Framework RAG
llama-index Patch: 0.12.9 CWE-400 229 4 ATLAS
HIGH

BentoML: DoS via multipart boundary in Gradio login

GHSA-hh3j-9m59-p8vc
7.5
DoS Framework Inference
bentoml CWE-400 23 3 ATLAS
MEDIUM

BentoML: open redirect exposes ML teams to phishing

GHSA-564p-rx2q-4c8v
6.1
Social Engineering Auth Bypass Framework Inference
bentoml CWE-601 23 5 ATLAS
HIGH EXPLOIT AVAIL

Open-WebUI: unauthenticated DoS via code formatter

CVE-2024-12537
7.5
EPSS 2.7%
DoS Auth Bypass API Framework
open-webui CWE-400 3 ATLAS
HIGH EXPLOIT AVAIL

open-webui: unauthenticated DoS via login payload flood

CVE-2024-12534
7.5
EPSS 0.6%
DoS API Framework
open-webui CWE-400 3 ATLAS
CRITICAL EXPLOIT AVAIL

llama-index DuckDB retriever: SQLi enables RCE

CVE-2024-11958
9.8
EPSS 4.1%
Code Execution Supply Chain Data Extraction Framework RAG Plugin
llama-index-retrievers-duckdb-retriever Patch: 0.4.0 CWE-89 229 5 ATLAS
HIGH EXPLOIT AVAIL

H2O-3: unauthenticated AST parser enables DoS + file write

CVE-2024-10572
7.5
EPSS 0.4%
DoS Code Execution Framework Training Data
CWE-94 3 ATLAS
MEDIUM EXPLOIT AVAIL

MLflow: passwordless accounts enable persistent backdoor

CVE-2025-1474
5.5
EPSS 0.1%
Auth Bypass Supply Chain Model Poisoning Framework Training Data Model
mlflow CWE-521 624 5 ATLAS
HIGH EXPLOIT AVAIL

MLflow: CSRF in signup allows rogue account creation

CVE-2025-1473
7.1
EPSS 0.2%
Auth Bypass Data Extraction Framework Training Data
mlflow CWE-352 624 4 ATLAS
HIGH EXPLOIT AVAIL

MLflow: GraphQL DoS disables ML tracking server

CVE-2025-0453
7.5
EPSS 0.3%
DoS Framework
mlflow CWE-400 624 3 ATLAS
HIGH EXPLOIT AVAIL

Ollama: DoS via malicious GGUF model file upload

CVE-2025-0317
7.5
EPSS 2.9%
DoS Inference Model
ollama CWE-369 1.5K 4 ATLAS
HIGH EXPLOIT AVAIL

Ollama: GGUF model upload causes memory exhaustion DoS

CVE-2025-0315
7.5
EPSS 0.1%
DoS Inference Model
ollama CWE-770 1.5K 3 ATLAS
HIGH EXPLOIT AVAIL

Ollama: null pointer DoS via malicious GGUF model upload

CVE-2025-0312
7.5
EPSS 0.2%
DoS Inference Model Framework
ollama CWE-476 1.5K 4 ATLAS
UNKNOWN EXPLOIT AVAIL

Gradio: DoS via oversized upload filename

CVE-2025-0187
--
EPSS 0.8%
DoS Framework API
gradio 679 3 ATLAS
CRITICAL EXPLOIT AVAIL

BentoML: unauthenticated RCE via runner deserialization

CVE-2024-9070
9.8
EPSS 0.4%
Code Execution Supply Chain Framework Inference
bentoml CWE-502 23 3 ATLAS
HIGH EXPLOIT AVAIL

BentoML: DoS via multipart boundary exhausts server

CVE-2024-9056
7.5
EPSS 0.3%
DoS Framework Inference
bentoml CWE-400 23 3 ATLAS
CRITICAL EXPLOIT AVAIL

vllm: RCE via unsafe pickle deserialization in RPC server

CVE-2024-9053
9.8
EPSS 10.0%
Code Execution Supply Chain Framework Inference
vllm CWE-78 127 5 ATLAS
HIGH EXPLOIT AVAIL

Gradio: DoS via malformed multipart boundary

CVE-2024-8966
7.5
EPSS 0.3%
DoS Framework
video CWE-400 679 3 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial