AI Threat Alert
AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked
Critical
New This Week
In CISA KEV
Latest AI Security Threats
Showing 20 of 199 results — High severity, has patchpicklescan: Code Injection enables RCE
GHSA-955r-x9j8-7rhh picklescan: Code Injection enables RCE
GHSA-rrxm-2pvv-m66x picklescan: Code Injection enables RCE
GHSA-3329-ghmp-jmv5 picklescan: Code Injection enables RCE
GHSA-x843-g5mx-g377 picklescan: Deserialization enables RCE
GHSA-r8g5-cgf2-4m4m picklescan: Protection Bypass circumvents security controls
GHSA-hgrh-qx5j-jfwx picklescan: Deserialization enables RCE
GHSA-vqmv-47xg-9wpr picklescan: Allowlist Bypass evades input filtering
GHSA-84r2-jw7c-4r5q picklescan: Allowlist Bypass evades input filtering
GHSA-4675-36f9-wf6r picklescan: Deserialization enables RCE
GHSA-m273-6v24-x4m4 fickling: Code Injection enables RCE
CVE-2025-67748 fickling: Allowlist Bypass evades input filtering
CVE-2025-67747 langgraph-checkpoint-sqlite: SQL Injection exposes database
CVE-2025-67644 open-webui: SSRF allows internal network access
CVE-2025-65958 langchain-core: security flaw enables exploitation
CVE-2025-65106 open-webui: Code Injection enables RCE
CVE-2025-64496 Open WebUI: XSS-to-RCE via malicious prompt injection
CVE-2025-64495 langgraph-checkpoint: Deserialization enables RCE
CVE-2025-64439 langgraph-checkpoint-sqlite: SQL Injection exposes database
CVE-2025-64104 langgraph-checkpoint-sqlite: SQL Injection exposes database
CVE-2025-8709 Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
Start 14-Day Free Trial