Attack Type

Data Extraction

Data extraction attacks target the information processed or memorised by AI/ML systems. They take three main forms. First, training-data extraction: large language models can memorise verbatim spans of their training corpus, and an attacker who crafts the right prompts can pull back PII, API keys, or copyrighted text — a result demonstrated against GPT-2 by Carlini et al. and reproduced against several production models. Second, model extraction: by repeatedly querying a hosted model and observing outputs, an attacker can reconstruct enough behaviour to clone proprietary fine-tunes. Third, system-prompt and conversation leakage: indirect prompt injection or insecure logging can leak the application's instructions and other users' conversations. Multi-tenant inference platforms (vLLM, Triton, hosted APIs) and RAG systems are particularly exposed. Defenses: output filtering, differential privacy in training, rate limits, and strict tenant isolation.

903
Total CVEs
46
Pages
Page 23 of 46
Current
Severity CVE CVSS
MEDIUM GHSA-6pcv-j4jx-m4vx 5.3
LOW GHSA-gj9q-8w99-mp8j -
HIGH GHSA-rg3h-x3jw-7jm5 8.1
MEDIUM GHSA-f934-5rqf-xx47 -
HIGH GHSA-mr34-9552-qr95 -
MEDIUM GHSA-f7fh-qg34-x2xh -
MEDIUM GHSA-jhpv-5j76-m56h -
HIGH GHSA-66r7-m7xm-v49h -
MEDIUM GHSA-536q-mj95-h29h -
MEDIUM GHSA-qmwg-qprg-3j38 -
MEDIUM GHSA-527m-976r-jf79 -
MEDIUM GHSA-rj2p-j66c-mgqh -
HIGH GHSA-525j-hqq2-66r4 -
MEDIUM GHSA-53vx-pmqw-863c -
MEDIUM GHSA-xq94-r468-qwgj -
MEDIUM GHSA-2767-2q9v-9326 -
MEDIUM GHSA-c9h3-5p7r-mrjh -
MEDIUM GHSA-c4qm-58hj-j6pj -
HIGH GHSA-8372-7vhw-cm6q -
MEDIUM GHSA-jwrq-8g5x-5fhm -

Page 23 of 46