AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

New This Week

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited

Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 167 results — Critical severity, no patch

CRITICAL EXPLOIT AVAIL

vllm: RCE via unsafe pickle deserialization in MessageQueue

Code Execution Framework Inference

vllm CWE-502 127 4 ATLAS

CRITICAL EXPLOIT AVAIL

vLLM: RCE via unsafe deserialization in Mooncake KV

Code Execution Supply Chain Framework Inference

vllm CWE-502 127 5 ATLAS

CRITICAL EXPLOIT AVAIL

Keras: safe_mode bypass enables RCE via model loading

Code Execution Supply Chain Framework Model

keras CWE-94 1.5K 6 ATLAS

CRITICAL EXPLOIT AVAIL

picklescan: ZIP flag bypass enables RCE in PyTorch models

Supply Chain Code Execution Model Framework

picklescan CWE-345 3 6 ATLAS

CRITICAL

JupyterHub LTI13: JWT forgery enables full auth bypass

Auth Bypass Framework

CWE-347 3 ATLAS

CRITICAL

PandasAI: prompt injection enables unauthenticated RCE

Prompt Injection Code Execution Framework Agent

CWE-94 6 ATLAS

CRITICAL

Sage AI Plugin: unrestricted upload → web shell RCE

Code Execution Data Extraction Auth Bypass Plugin API

5 ATLAS

CRITICAL EXPLOIT AVAIL

Langflow: RCE via unsandboxed code component execution

Code Execution Auth Bypass Framework Agent

langflow CWE-94 5 ATLAS

CRITICAL EXPLOIT AVAIL

Langflow: Unauthenticated RCE via PythonCodeTool

Code Execution Supply Chain Data Extraction Framework Agent Plugin

langflow 6 ATLAS

CRITICAL EXPLOIT AVAIL

PyTorch: RCE via RemoteModule deserialization

Code Execution Supply Chain Framework Training Data

pytorch CWE-502 21.9K 4 ATLAS

CRITICAL EXPLOIT AVAIL

LangChain GraphCypher: prompt injection enables DB wipe

Prompt Injection Data Extraction DoS Framework Agent RAG

langchain CWE-74 2.6K 7 ATLAS

CRITICAL EXPLOIT AVAIL

LangChain.js: path traversal, arbitrary file read/write

Data Extraction Code Execution Data Leakage Framework Agent

langchain.js CWE-22 2.6K 5 ATLAS

CRITICAL EXPLOIT AVAIL

LangChainJS: prompt injection enables full graph DB takeover

Prompt Injection Data Extraction Code Execution Framework Agent API

langchain 2.6K 6 ATLAS

CRITICAL EXPLOIT AVAIL

Affiliator WP Plugin: Unauthenticated Web Shell Upload

Code Execution Auth Bypass Supply Chain Framework API

affiliator 1.5K 6 ATLAS

CRITICAL

Gradio: cleartext MITM exposes ML demo data via share=True

Data Extraction Data Leakage Privacy Violation Framework Inference API

gradio CWE-311 679 4 ATLAS

CRITICAL

Gradio: unauthenticated SSRF in /queue/join, internal pivot

Data Extraction Auth Bypass Code Execution Framework Inference

gradio CWE-918 679 4 ATLAS

CRITICAL EXPLOIT AVAIL

LangChain-Experimental: RCE via eval in math chain

Code Execution Supply Chain Framework Agent

langchain-experimental 2.6K 4 ATLAS

CRITICAL EXPLOIT AVAIL

streamlit-geospatial: blind SSRF via unvalidated URL input

Data Extraction Auth Bypass Framework API

streamlit-geospatial CWE-918 2.8K 3 ATLAS

CRITICAL EXPLOIT AVAIL

streamlit-geospatial: RCE via eval() on vis_params input

Code Execution Framework Inference

streamlit-geospatial 2.8K 4 ATLAS

CRITICAL EXPLOIT AVAIL

streamlit-geospatial: blind SSRF via WMS URL input

Data Extraction Auth Bypass Privacy Violation Framework API

streamlit-geospatial CWE-918 2.8K 4 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial

AI Security Threat Feed

Weekly CISO Take + top threats

Latest AI Security Threats

Need deeper analysis?