AI Threat Alert
AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked
Critical
New This Week
In CISA KEV
Latest AI Security Threats
Showing 20 of 220 results — Medium severity, has patchllama-index-core: DoS causes service disruption
CVE-2025-6208 chainlit: IDOR enables unauthorized data access
CVE-2025-68492 monai: Path Traversal enables file access
CVE-2026-21851 picklescan: Code Injection enables RCE
GHSA-6556-fwc2-fg2p picklescan: Code Injection enables RCE
GHSA-cffc-mxrf-mhh4 Keras: safe_mode bypass enables file read and SSRF
CVE-2025-12058 vllm: DoS via Jinja template injection in chat API
CVE-2025-61620 clearml: path traversal in safe_extract → RCE risk
CVE-2025-8917 xgrammar: DoS via oversized JSON schema grammar parsing
CVE-2025-58446 picklescan: scanner bypass enables model RCE
GHSA-q77w-mwjj-7mqx picklescan: scanner bypass enables RCE via ML model files
GHSA-49gj-c84q-6qm9 picklescan: scan bypass allows silent RCE via ML models
GHSA-9w88-8rmg-7g2p picklescan: detection bypass allows undetected RCE in ML models
GHSA-fqq6-7vqf-w3fg picklescan: scanner bypass enables pickle RCE in ML models
GHSA-3gf5-cxq9-w223 picklescan: scanner bypass allows pickle-based RCE
GHSA-j343-8v2j-ff7w picklescan: scanner bypass enables RCE via ML models
GHSA-m869-42cg-3xwr picklescan: detection bypass allows pickle RCE in ML pipelines
GHSA-p9w7-82w4-7q8m picklescan: scanner bypass leads to undetected RCE
GHSA-xp4f-hrf8-rxw7 picklescan: scanner bypass enables PyTorch gadget RCE
GHSA-4whj-rm5r-c2v8 picklescan: scanner bypass enables RCE via model files
GHSA-9xph-j2h6-g47v Need deeper analysis?
Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.
Start 14-Day Free Trial