Attack Type

Data Extraction

Data extraction attacks target the information processed or memorised by AI/ML systems. They take three main forms. First, training-data extraction: large language models can memorise verbatim spans of their training corpus, and an attacker who crafts the right prompts can pull back PII, API keys, or copyrighted text — a result demonstrated against GPT-2 by Carlini et al. and reproduced against several production models. Second, model extraction: by repeatedly querying a hosted model and observing outputs, an attacker can reconstruct enough behaviour to clone proprietary fine-tunes. Third, system-prompt and conversation leakage: indirect prompt injection or insecure logging can leak the application's instructions and other users' conversations. Multi-tenant inference platforms (vLLM, Triton, hosted APIs) and RAG systems are particularly exposed. Defenses: output filtering, differential privacy in training, rate limits, and strict tenant isolation.

903
Total CVEs
46
Pages
Page 28 of 46
Current
Severity CVE CVSS
HIGH CVE-2026-44549 7.3
MEDIUM CVE-2026-44568 4.8
MEDIUM CVE-2026-44560 6.5
MEDIUM CVE-2026-44561 5.4
MEDIUM CVE-2026-43570 6.5
MEDIUM CVE-2026-42282 4.3
MEDIUM CVE-2026-44897 6.1
HIGH CVE-2026-44570 8.3
CRITICAL CVE-2026-44336 9.6
MEDIUM CVE-2026-44337 6.3
MEDIUM CVE-2026-43979 5.0
HIGH CVE-2026-2393 7.1
CRITICAL CVE-2026-43995 9.8
HIGH CVE-2026-2614 7.5
HIGH CVE-2026-45134 7.1
HIGH GHSA-7g73-99r4-m4mj -
HIGH GHSA-php6-83fg-gw3g 7.5
HIGH CVE-2026-42863 -
HIGH CVE-2026-42862 -
HIGH CVE-2026-42861 -

Page 28 of 46