AI Threat Alert
Attack Type
Code Execution
Remote code execution (RCE) vulnerabilities in AI frameworks allow attackers to execute arbitrary code on servers running ML inference, training pipelines, or AI agent frameworks.
625
Total CVEs
32
Pages
Page 2 of 32
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| UNKNOWN | CVE-2026-30822 | Flowise: mass assignment allows unauthenticated DB injection | flowise | - |
| CRITICAL | CVE-2026-30824 | Flowise: auth bypass exposes NVIDIA NIM container endpoints | flowise | 9.8 |
| HIGH | CVE-2026-27905 | bentoml: security flaw enables exploitation | bentoml | 7.8 |
| CRITICAL | CVE-2026-27493 | n8n: Code Injection enables RCE | n8n | 9.0 |
| CRITICAL | CVE-2026-27494 | n8n: security flaw enables exploitation | n8n | 9.9 |
| CRITICAL | CVE-2026-27495 | n8n: Code Injection enables RCE | n8n | 9.9 |
| HIGH | CVE-2026-27497 | n8n: SQL Injection exposes database | n8n | 8.8 |
| HIGH | CVE-2026-27498 | n8n: Code Injection enables RCE | n8n | 8.8 |
| CRITICAL | CVE-2026-27577 | n8n: Code Injection enables RCE | n8n | 9.9 |
| MEDIUM | CVE-2026-27578 | n8n: XSS enables session hijacking | n8n | 5.4 |
| UNKNOWN | CVE-2018-7576 | TensorFlow: NPD in 1.6.x crashes ML runtime | tensorflow | - |
| HIGH | CVE-2018-8825 | TensorFlow 1.7: Buffer overflow enables arbitrary code exec | tensorflow | 8.8 |
| UNKNOWN | CVE-2018-10055 | TensorFlow XLA: heap overflow via crafted config file | tensorflow | - |
| UNKNOWN | CVE-2018-7575 | TensorFlow: buffer overflow, potential RCE in 1.7.x | tensorflow | - |
| CRITICAL | CVE-2019-16778 | TensorFlow: heap overflow in UnsortedSegmentSum op | tensorflow | 9.8 |
| MEDIUM | CVE-2020-15191 | TensorFlow: null ptr deref in dlpack causes remote DoS | tensorflow | 5.3 |
| HIGH | CVE-2020-15193 | TensorFlow: uninitialized memory corruption via dlpack | tensorflow | 7.1 |
| HIGH | CVE-2020-15195 | TensorFlow: heap overflow in sparse gradient op | tensorflow | 8.8 |
| CRITICAL | CVE-2020-15196 | TensorFlow: heap OOB read in sparse/ragged count ops | tensorflow | 9.9 |
| MEDIUM | CVE-2020-15198 | TensorFlow: heap OOB in SparseCountSparseOutput ops | tensorflow | 5.4 |