AI Threat Alert

AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,140

AI/ML CVEs Tracked

171

Critical

228

New This Week

2

In CISA KEV

Weekly CISO Take + top threats

Get the week's most critical AI security threats delivered every Monday. Free, no spam.

Sort: Date CVSS EPSS KEV first

Filter: All Critical High Medium KEV only Has patch No patch

Latest AI Security Threats

Showing 50 of 66 results — Medium severity, has patch

Severity CVE ID Summary CVSS EPSS Package Date

MEDI GHSA-5cxw-w2xg-2m8h fickling's `platform` module subprocess... — — fickling Mar 13 MEDI GHSA-r48f-3986-4f9c fickling modules linecache, difflib and gc are... — — fickling Mar 13 MEDI CVE-2026-28277 LangGraph checkpoint loading has unsafe msgpack... 6.8 0.0% langgraph Mar 5 MEDI GHSA-mhc9-48gj-9gp3 Fickling has safety check bypass via REDUCE+BUILD... — — fickling Feb 25 MEDI CVE-2026-27482 Ray dashboard DELETE endpoints allow... 5.9 0.0% ray Feb 20 MEDI CVE-2026-25640 Pydantic AI is a Python agent framework for... 5.4 0.0% pydantic-ai Feb 6 MEDI CVE-2026-1778 SageMaker Python SDK has Insecure TLS... 5.9 0.0% sagemaker Feb 2 MEDI GHSA-m7j5-r2p5-c39r picklescan vulnerable to arbitrary file create... — — picklescan Feb 2 MEDI CVE-2025-6208 llama-index-core vulnerable to Uncontrolled... 5.3 0.0% llama-index-core Feb 2 MEDI CVE-2025-68492 Chainlit contains an authorization bypass... 4.2 0.0% chainlit Jan 14 MEDI CVE-2026-21851 MONAI has Path Traversal (Zip Slip) in NGC... 5.3 0.0% monai Jan 6 MEDI GHSA-6556-fwc2-fg2p Picklescan is vulnerable to RCE through missing... — — picklescan Dec 30 MEDI GHSA-cffc-mxrf-mhh4 Picklescan is vulnerable to RCE via missing... — — picklescan Dec 29 MEDI CVE-2025-12058 The Keras.Model.load_model method, including when... — 0.1% keras Oct 29 MEDI CVE-2025-61620 vLLM: Resource-Exhaustion (DoS) through Malicious... 6.5 — vllm Oct 7 MEDI CVE-2025-8917 clearml is vulnerable to Path Traversal through... 5.8 0.0% clearml Oct 5 MEDI CVE-2025-58446 xgrammar vulnerable to denial of service by huge... — 0.1% xgrammar Sep 5 MEDI GHSA-q77w-mwjj-7mqx Picklescan is missing detection when calling... — — picklescan Aug 26 MEDI GHSA-49gj-c84q-6qm9 Picklescan is missing detection when calling... — — picklescan Aug 26 MEDI GHSA-9w88-8rmg-7g2p Picklescan is missing detection when calling... — — picklescan Aug 26 MEDI GHSA-fqq6-7vqf-w3fg Picklescan is missing detection when calling... — — picklescan Aug 26 MEDI GHSA-3gf5-cxq9-w223 Picklescan is missing detection when calling... — — picklescan Aug 26 MEDI GHSA-j343-8v2j-ff7w Picklescan is missing detection when calling... — — picklescan Aug 26 MEDI GHSA-m869-42cg-3xwr Picklescan is missing detection when calling... — — picklescan Aug 26 MEDI GHSA-p9w7-82w4-7q8m Picklescan is missing detection when calling... — — picklescan Aug 26 MEDI GHSA-xp4f-hrf8-rxw7 Picklescan is missing detection when calling... — — picklescan Aug 26 MEDI GHSA-4whj-rm5r-c2v8 Picklescan is missing detection when calling... — — picklescan Aug 26 MEDI GHSA-9xph-j2h6-g47v Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-8r4j-24qv-fmq9 Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-cj3c-v495-4xqh Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-7cq8-mj8x-j263 Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-6w4w-5w54-rjvr Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-3vg9-h568-4w9m Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-f54q-57x4-jg88 Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-6vqj-c2q5-j97w Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-x696-vm39-cp64 Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-g344-hcph-8vgg Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-5qwp-399c-mjwf Picklescan has a missing detection when calling... — — picklescan Aug 26 MEDI GHSA-vv6j-3g6g-2pvj Picklescan missing detection when calling pytorch... — — picklescan Aug 22 MEDI GHSA-vr7h-p6mm-wpmh Picklescan missing detection when calling pytorch... — — picklescan Aug 22 MEDI GHSA-h3qp-7fh3-f8h4 Picklescan missing detection when calling pytorch... — — picklescan Aug 22 MEDI GHSA-f745-w6jp-hpxx Picklescan missing detection when calling pytorch... — — picklescan Aug 22 MEDI GHSA-f4x7-rfwp-v3xw Picklescan missing detection when calling pytorch... — — picklescan Aug 22 MEDI GHSA-86cj-95qr-2p4f Picklescan missing detection when calling pytorch... — — picklescan Aug 22 MEDI GHSA-4r9r-ch6f-vxmx Picklescan missing detection when calling pytorch... — — picklescan Aug 22 MEDI CVE-2025-6211 LlamaIndex vulnerable to data loss through hash... 6.5 0.1% llama-index Jul 10 MEDI CVE-2025-5472 LlamaIndex vulnerable to DoS attack through... 6.5 0.1% llama-index-core Jul 7 MEDI CVE-2025-3108 LlamaIndex has Incomplete Documentation of... 5.0 1.1% llama-index-core Jul 7 MEDI CVE-2025-52967 gateway_proxy_handler in MLflow before 3.1.0... 5.8 0.1% mlflow Jun 23 MEDI GHSA-j828-28rj-hfhp vLLM vulnerable to Regular Expression Denial of... 4.3 — vllm May 28

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial