AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

New This Week

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited

Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 485 results — High severity, no patch

HIGH

NVIDIA: Deserialization enables RCE

Code Execution Supply Chain Data Extraction Framework Training Data Model

CWE-502 6 ATLAS

HIGH EXPLOIT AVAIL

n8n: security flaw enables exploitation

Code Execution Supply Chain Agent Framework

n8n 16 6 ATLAS

HIGH KEV SCANNER

langflow: security flaw enables exploitation

Auth Bypass Code Execution Framework Agent

langflow CWE-346 8 ATLAS

HIGH EXPLOIT AVAIL

mcp-server-kubernetes: Command Injection enables RCE

Code Execution Prompt Injection Auth Bypass Agent Plugin Framework

7 ATLAS

HIGH

vllm: Code Injection enables RCE

Supply Chain Code Execution Framework Inference Model

vllm CWE-94 126 8 ATLAS

HIGH EXPLOIT AVAIL

mlx: security flaw enables exploitation

DoS Supply Chain Framework Model

mlx CWE-476 283 5 ATLAS

HIGH EXPLOIT AVAIL

AI component: Arbitrary File Upload enables RCE

Code Execution Supply Chain Data Extraction Plugin API

6 ATLAS 1 incident

HIGH

vllm: Input Validation flaw enables exploitation

Code Execution DoS Supply Chain Inference API Framework

vllm CWE-20 126 5 ATLAS

HIGH

n8n: security flaw enables exploitation

Code Execution Supply Chain Data Extraction Agent Framework Plugin

n8n 16 6 ATLAS

HIGH EXPLOIT AVAIL

vLLM: timing attack enables API key bypass

Auth Bypass Inference API

vllm CWE-385 126 5 ATLAS

HIGH EXPLOIT AVAIL

Flowise: unrestricted file upload enables persistent RCE

Code Execution Data Leakage Supply Chain Agent Framework

flowise 6 ATLAS

HIGH EXPLOIT AVAIL

PyTorch: DoS via sparse/dense tensor Inductor compile

DoS Framework Inference

pytorch 21.7K 4 ATLAS

HIGH EXPLOIT AVAIL

TensorFlow: DoS via Conv2D valid padding crash

DoS Framework Inference

tensorflow 3.7K 3 ATLAS

HIGH EXPLOIT AVAIL

PyTorch: Inductor compiler buffer overflow causes DoS

DoS Framework Inference

pytorch 21.7K 4 ATLAS

HIGH EXPLOIT AVAIL

PyTorch: DoS via cummin+Inductor NameError in 2.7.0

pytorch 21.7K 3 ATLAS

HIGH EXPLOIT AVAIL

PyTorch 2.7.0: DoS via proxy_tensor.py syntax error

DoS Supply Chain Framework Inference

pytorch 21.7K 3 ATLAS

HIGH EXPLOIT AVAIL

PyTorch: integer overflow in rot90+randn_like causes DoS

DoS Supply Chain Framework Inference

pytorch CWE-190 21.7K 3 ATLAS

HIGH EXPLOIT AVAIL

PyTorch: DoS in linalg.lu via malformed slice op

DoS Framework Inference

pytorch 21.7K 4 ATLAS

HIGH EXPLOIT AVAIL

Transformers: ReDoS in optimizer halts training pipelines

DoS Framework Training Data

transformers CWE-400 7.8K 4 ATLAS

HIGH EXPLOIT AVAIL

Flowise: unauthenticated SSRF exposes internal network

Data Extraction Privacy Violation Agent Framework

flowise 4 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial

AI Security Threat Feed

Weekly CISO Take + top threats

Latest AI Security Threats

Need deeper analysis?