AI Threat Alert AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

79

New This Week

16

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited
Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 1092 results — no patch
MEDIUM EXPLOIT AVAIL

TensorFlow: Conv3D div-by-zero crashes ML processes

CVE-2021-29517
5.5
EPSS 0.0%
DoS Framework Inference
tensorflow 3.7K 3 ATLAS
MEDIUM EXPLOIT AVAIL

TensorFlow: null ptr deref crashes RaggedTensor ops

CVE-2021-29516
5.5
EPSS 0.0%
DoS Framework
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: NULL ptr deref in MatrixDiag ops (crash/RCE)

CVE-2021-29515
7.8
EPSS 0.0%
Code Execution DoS Supply Chain Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: heap buffer overflow in RaggedBincount op

CVE-2021-29514
7.8
EPSS 0.0%
Code Execution Supply Chain Framework Inference Training Data
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: type confusion → null ptr deref (CVSS 7.8)

CVE-2021-29513
7.8
EPSS 0.0%
Code Execution DoS Framework Inference
tensorflow CWE-476 3.7K 3 ATLAS
MEDIUM EXPLOIT AVAIL

TensorFlow: divide-by-zero DoS in DenseCountSparseOutput

CVE-2021-29554
5.5
EPSS 0.0%
DoS Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: heap buffer overflow in RaggedBincount op

CVE-2021-29512
7.8
EPSS 0.0%
Code Execution Framework Training Data
tensorflow CWE-787 3.7K 3 ATLAS
MEDIUM

Qiita::Markdown: XSS in transformer components

CVE-2021-28796
6.1
EPSS 0.2%
Code Execution Data Leakage Social Engineering Framework RAG Plugin
CWE-79 4 ATLAS
LOW

TensorFlow: DoS via zero-length input to LSTM/GRU on CUDA

CVE-2020-26270
3.3
EPSS 0.0%
DoS Framework Inference
tensorflow CWE-20 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: OOB read in glob path matching causes DoS

CVE-2020-26269
7.5
EPSS 0.1%
DoS Framework
tensorflow CWE-125 3.7K 3 ATLAS
MEDIUM EXPLOIT AVAIL

TensorFlow: ImmutableConst segfault crashes Python interpreter

CVE-2020-26268
4.4
EPSS 0.0%
DoS Framework Model
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: OOB read in DataFormatVecPermute op

CVE-2020-26267
7.8
EPSS 0.0%
Code Execution DoS Data Extraction Framework Training Data Inference
tensorflow CWE-125 3.7K 3 ATLAS
MEDIUM EXPLOIT AVAIL

TensorFlow: uninitialized memory read via crafted SavedModel

CVE-2020-26266
5.3
EPSS 0.1%
Supply Chain Data Leakage Code Execution Framework Model Inference
tensorflow CWE-908 3.7K 4 ATLAS
LOW EXPLOIT AVAIL

TensorFlow: OOB read on saved model load leaks heap addresses

CVE-2020-26271
3.3
EPSS 0.0%
Supply Chain Data Extraction Framework Model
tensorflow CWE-125 3.7K 4 ATLAS
HIGH EXPLOIT AVAIL

scikit-learn: DoS via crafted SVM model deserialization

CVE-2020-28975
7.5
EPSS 0.3%
DoS Supply Chain Framework Model Inference
scikit-learn 27.9K 5 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: NaN-triggered DoS in crop_and_resize op

CVE-2020-15266
7.5
EPSS 0.1%
DoS Framework Inference
tensorflow CWE-119 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow: OOB read DoS via invalid quantize axis

CVE-2020-15265
7.5
EPSS 0.2%
DoS Framework Inference
tensorflow 3.7K 3 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow Lite: OOB write in segment sum, memory corruption risk

CVE-2020-15214
8.1
EPSS 0.3%
Code Execution Supply Chain DoS Framework Inference Model
tensorflow 3.7K 3 ATLAS
MEDIUM EXPLOIT AVAIL

TensorFlow Lite: OOM DoS via crafted segment sum model

CVE-2020-15213
4.0
EPSS 0.2%
DoS Framework Inference Model
tensorflow CWE-770 3.7K 4 ATLAS
HIGH EXPLOIT AVAIL

TensorFlow Lite: heap OOB write via segment sum op

CVE-2020-15212
8.6
EPSS 0.2%
Code Execution Supply Chain Framework Inference Model
tensorflow CWE-787 3.7K 4 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial