AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

AI/ML CVEs Tracked: 1,604
Critical: 225
New This Week: 78
In CISA KEV: 16

Latest AI Security Threats

Showing 20 of 225 results — Critical severity
| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| CRIT E | CVE-2025-32434 | PyTorch: RCE bypasses weights_only=True safe-load guard | 9.8 | 1.2% | pytorch | Apr 18 |
| CRIT E | CVE-2025-32428 | jupyter-remote-desktop-proxy: VNC network exposure | | 0.2% | jupyter-remote-desktop-proxy | Apr 12 |
| CRIT E | CVE-2025-32375 | BentoML: RCE via insecure deserialization in runner | 9.8 | 67.3% | bentoml | Apr 9 |
| CRIT | CVE-2025-3248 | Langflow: Unauth RCE via code injection endpoint | 9.8 | 91.8% | langflow | Apr 7 |
| CRIT E | CVE-2025-27520 | BentoML: unauthenticated RCE via insecure deserialization | 9.8 | 81.0% | bentoml | Apr 4 |
| CRIT E | CVE-2024-12029 | InvokeAI: RCE via unsafe torch.load deserialization | 9.8 | 44.2% | | Mar 21 |
| CRIT | CVE-2024-9052 | vLLM: RCE via pickle deserialization in distributed API | 9.8 | 0.3% | vllm | Mar 20 |
| CRIT E | CVE-2024-8019 | pytorch-lightning: file upload RCE (Windows) | 9.1 | 2.1% | pytorch-lightning | Mar 20 |
| CRIT E | CVE-2024-12909 | llama-index finchat: SQL injection enables RCE | 10.0 | 4.1% | llama-index-packs-finchat | Mar 20 |
| CRIT E | CVE-2024-11958 | llama-index DuckDB retriever: SQLi enables RCE | 9.8 | 4.1% | llama-index-retrievers-duckdb-retriever | Mar 20 |
| CRIT E | CVE-2024-9070 | BentoML: unauthenticated RCE via runner deserialization | 9.8 | 0.4% | bentoml | Mar 20 |
| CRIT E | CVE-2024-9053 | vllm: RCE via unsafe pickle deserialization in RPC server | 9.8 | 10.0% | vllm | Mar 20 |
| CRIT E | CVE-2024-11041 | vllm: RCE via unsafe pickle deserialization in MessageQueue | 9.8 | 5.6% | vllm | Mar 20 |
| CRIT E | CVE-2025-29783 | vLLM: RCE via unsafe deserialization in Mooncake KV | 9.0 | 2.8% | vllm | Mar 19 |
| CRIT E | CVE-2025-1550 | Keras: safe_mode bypass enables RCE via model loading | 9.8 | 8.0% | keras | Mar 11 |
| CRIT E | CVE-2025-1945 | picklescan: ZIP flag bypass enables RCE in PyTorch models | 9.8 | 0.9% | picklescan | Mar 10 |
| CRIT E | CVE-2025-25362 | spacy-llm: SSTI allows unauthenticated RCE (CVSS 9.8) | 9.8 | 0.0% | spacy-llm | Mar 5 |
| CRIT | CVE-2023-25574 | JupyterHub LTI13: JWT forgery enables full auth bypass | 10.0 | 0.4% | | Feb 25 |
| CRIT | CVE-2024-12366 | PandasAI: prompt injection enables unauthenticated RCE | 9.8 | 5.9% | | Feb 11 |
| CRIT E | CVE-2024-52803 | LlamaFactory: RCE via OS command injection in training | 9.8 | 3.2% | llamafactory | Nov 21 |

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
