AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
1,140 AI/ML CVEs tracked
171 Critical
228 New this week
2 In CISA KEV
Latest AI Security Threats
Showing 50 of 524 results (filter: High severity)

| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| HIGH | CVE-2024-0453 | The AI ChatBot plugin for WordPress is vulnerable... | 7.7 | — | — | May 22 |
| HIGH | CVE-2024-0452 | The AI ChatBot plugin for WordPress is vulnerable... | 7.7 | — | — | May 22 |
| HIGH | CVE-2024-3848 | A path traversal vulnerability exists in... | 7.5 | — | mlflow | May 16 |
| HIGH | CVE-2024-34527 | spaces_plugin/app.py in SolidUI 0.4.0 has an... | 7.5 | — | — | May 6 |
| HIGH | CVE-2024-34510 | Gradio before 4.20 allows credential leakage on... | 7.5 | 0.1% | gradio | May 5 |
| HIGH | CVE-2024-34072 | sagemaker-python-sdk is a library for training... | 7.8 | — | — | May 3 |
| HIGH | CVE-2024-31583 | Pytorch before version v2.2.0 was discovered to... | 7.8 | — | pytorch | Apr 17 |
| HIGH | CVE-2024-3571 | langchain-ai/langchain is vulnerable to path... | 8.8 | — | langchain | Apr 16 |
| HIGH | CVE-2024-1594 | A path traversal vulnerability exists in the... | 7.5 | — | mlflow | Apr 16 |
| HIGH | CVE-2024-1593 | A path traversal vulnerability exists in the... | 7.5 | — | mlflow | Apr 16 |
| HIGH | CVE-2024-1560 | A path traversal vulnerability exists in the... | 8.1 | — | mlflow | Apr 16 |
| HIGH | CVE-2024-1558 | A path traversal vulnerability exists in the... | 7.5 | — | mlflow | Apr 16 |
| HIGH | CVE-2024-1483 | A path traversal vulnerability exists in... | 7.5 | — | mlflow | Apr 16 |
| HIGH | CVE-2024-1728 | gradio-app/gradio is vulnerable to a local file... | 7.5 | — | gradio | Apr 10 |
| HIGH | CVE-2024-1540 | A command injection vulnerability exists in the... | 8.2 | — | gradio | Mar 27 |
| HIGH | CVE-2024-28088 | LangChain through 0.1.10 allows ../ directory... | 8.1 | — | langchain | Mar 4 |
| HIGH | CVE-2023-51449 | Gradio is an open-source Python package that... | 7.5 | — | gradio | Dec 22 |
| HIGH | CVE-2023-7018 | Deserialization of Untrusted Data in GitHub... | 7.8 | — | transformers | Dec 20 |
| HIGH | CVE-2023-6730 | Deserialization of Untrusted Data in GitHub... | 8.8 | 0.2% | transformers | Dec 19 |
| HIGH | CVE-2023-6909 | Path Traversal: '\..\filename' in GitHub... | 7.5 | — | mlflow | Dec 18 |
| HIGH | CVE-2023-6831 | Path Traversal: '\..\filename' in GitHub... | 8.1 | — | mlflow | Dec 15 |
| HIGH | CVE-2023-6572 | Command Injection in GitHub repository... | 8.1 | — | gradio | Dec 14 |
| HIGH | CVE-2023-6753 | Path Traversal in GitHub repository mlflow/mlflow... | 8.8 | — | mlflow | Dec 13 |
| HIGH | CVE-2023-6709 | Improper Neutralization of Special Elements Used... | 8.8 | — | mlflow | Dec 12 |
| HIGH | CVE-2023-43472 | An issue in MLFlow versions 2.8.1 and before... | 7.5 | — | mlflow | Dec 5 |
| HIGH | CVE-2023-6015 | MLflow allowed arbitrary files to be PUT onto the... | 7.5 | — | mlflow | Nov 16 |
| HIGH | CVE-2023-46315 | The zanllp sd-webui-infinite-image-browsing (aka... | 7.5 | — | — | Oct 22 |
| HIGH | CVE-2023-32786 | In Langchain through 0.0.155, prompt injection... | 7.5 | — | langchain | Oct 20 |
| HIGH | CVE-2023-46229 | LangChain before 0.0.317 allows SSRF via... | 8.8 | — | langchain | Oct 19 |
| HIGH | CVE-2023-27506 | Improper buffer restrictions in the Intel(R)... | 7.8 | — | optimization_for_tensorflow | Aug 11 |
| HIGH | CVE-2023-4033 | OS Command Injection in GitHub repository... | 7.8 | 0.2% | mlflow | Aug 1 |
| HIGH | CVE-2023-36189 | SQL injection vulnerability in langchain before... | 7.5 | 0.2% | langchain | Jul 6 |
| HIGH | CVE-2023-30172 | A directory traversal vulnerability in the... | 7.5 | — | mlflow | May 11 |
| HIGH | CVE-2023-27564 | The n8n package 0.218.0 for Node.js allows... | 7.5 | — | n8n | May 10 |
| HIGH | CVE-2023-27563 | The n8n package 0.218.0 for Node.js allows... | 8.8 | — | n8n | May 10 |
| HIGH | CVE-2023-2356 | Relative Path Traversal in GitHub repository... | 7.5 | — | mlflow | Apr 28 |
| HIGH | CVE-2023-27579 | TensorFlow is an end-to-end open source platform... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25801 | TensorFlow is an open source machine learning... | 7.8 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25676 | TensorFlow is an open source machine learning... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25675 | TensorFlow is an open source machine learning... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25674 | TensorFlow is an open source machine learning... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25673 | TensorFlow is an open source platform for machine... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25672 | TensorFlow is an open source platform for machine... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25671 | TensorFlow is an open source platform for machine... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25670 | TensorFlow is an open source platform for machine... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25669 | TensorFlow is an open source platform for machine... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25667 | TensorFlow is an open source platform for machine... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25666 | TensorFlow is an open source platform for machine... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25665 | TensorFlow is an open source platform for machine... | 7.5 | — | tensorflow | Mar 25 |
| HIGH | CVE-2023-25663 | TensorFlow is an open source platform for machine... | 7.5 | — | tensorflow | Mar 25 |

Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.