Attack Type: Code Execution
Remote code execution (RCE) vulnerabilities in AI frameworks allow attackers to execute arbitrary code on servers running ML inference, training pipelines, or AI agent frameworks.
630 total CVEs across 32 pages (page 10 of 32).
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2021-43811 | Sockeye: unsafe YAML load RCE via model config file | | 7.8 |
| HIGH | CVE-2021-4118 | pytorch-lightning: deserialization RCE via malicious checkpoint | pytorch_lightning | 7.8 |
| CRITICAL | CVE-2022-0845 | pytorch-lightning: code injection enables full RCE | pytorch_lightning | 9.8 |
| CRITICAL | CVE-2022-45907 | PyTorch: RCE via unsafe eval in JIT annotations | pytorch | 9.8 |
| CRITICAL | CVE-2023-43654 | TorchServe: SSRF + RCE via unrestricted model URL loading | torchserve | 9.8 |
| MEDIUM | CVE-2023-48299 | TorchServe: ZipSlip arbitrary file write via model upload | torchserve | 5.3 |
| HIGH | CVE-2024-31583 | PyTorch: use-after-free in JIT mobile interpreter, RCE | pytorch | 7.8 |
| HIGH | CVE-2024-37059 | MLflow: RCE via malicious PyTorch model deserialization | mlflow | 8.8 |
| CRITICAL | CVE-2024-5452 | pytorch-lightning: RCE via deepdiff Delta deserialization | pytorch_lightning | 9.8 |
| CRITICAL | CVE-2024-35198 | TorchServe: URL bypass enables arbitrary model loading | torchserve | 9.8 |
| CRITICAL | CVE-2024-48063 | PyTorch: RCE via RemoteModule deserialization | pytorch | 9.8 |
| MEDIUM | CVE-2025-1944 | picklescan: ZIP spoof lets malicious PyTorch models bypass scan | picklescan | 6.5 |
| CRITICAL | CVE-2025-1945 | picklescan: ZIP flag bypass enables RCE in PyTorch models | picklescan | 9.8 |
| HIGH | CVE-2025-2148 | PyTorch: memory corruption in JIT profiler callback handler | pytorch | 7.5 |
| MEDIUM | CVE-2025-2998 | PyTorch: memory corruption in RNN pad_packed_sequence | pytorch | 5.3 |
| MEDIUM | CVE-2025-2999 | PyTorch: memory corruption in RNN sequence unpacking | pytorch | 5.3 |
| MEDIUM | CVE-2025-3000 | PyTorch: memory corruption in torch.jit.script compiler | pytorch | 5.3 |
| MEDIUM | CVE-2025-3001 | PyTorch: lstm_cell memory corruption, local code exec | pytorch | 5.3 |
| CRITICAL | CVE-2025-32434 | PyTorch: RCE bypasses weights_only=True safe-load guard | pytorch | 9.8 |
| CRITICAL | CVE-2025-47277 | vLLM: RCE via exposed TCPStore in distributed inference | vllm | 9.8 |