AI Threat Alert
Attack Type
DoS
Denial of service attacks against AI systems exploit resource-intensive operations — large model inference, excessive tokenization, or recursive agent loops — to exhaust compute resources.
525
Total CVEs
27
Pages
Page 20 of 27
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| MEDIUM | CVE-2025-46152 | PyTorch: OOB write causes incorrect bitwise shift results | pytorch | 5.3 |
| HIGH | CVE-2025-55551 | PyTorch: DoS in linalg.lu via malformed slice op | pytorch | 7.5 |
| HIGH | CVE-2025-55552 | PyTorch: integer overflow in rot90+randn_like causes DoS | pytorch | 7.5 |
| HIGH | CVE-2025-55553 | PyTorch 2.7.0: DoS via proxy_tensor.py syntax error | pytorch | 7.5 |
| MEDIUM | CVE-2025-55554 | PyTorch: integer overflow in nan_to_num causes DoS | pytorch | 5.3 |
| HIGH | CVE-2025-55557 | PyTorch: DoS via cummin+Inductor NameError in 2.7.0 | pytorch | 7.5 |
| HIGH | CVE-2025-55558 | PyTorch: Inductor compiler buffer overflow causes DoS | pytorch | 7.5 |
| HIGH | CVE-2025-55560 | PyTorch: DoS via sparse/dense tensor Inductor compile | pytorch | 7.5 |
| LOW | CVE-2025-63396 | pytorch: security flaw enables exploitation | pytorch | 3.3 |
| HIGH | CVE-2025-62164 | vllm: Input Validation flaw enables exploitation | vllm | 8.8 |
| MEDIUM | CVE-2024-1455 | LangChain: Billion Laughs XML expansion causes DoS | langchain | 5.9 |
| CRITICAL | CVE-2024-8309 | LangChain GraphCypher: prompt injection enables DB wipe | langchain | 9.8 |
| HIGH | CVE-2024-12704 | llama-index: DoS via infinite loop in LangChain LLM | llamaindex | 7.5 |
| HIGH | CVE-2024-58340 | langchain: security flaw enables exploitation | langchain | 7.5 |
| MEDIUM | CVE-2024-4858 | WP Testimonial Carousel: OpenAI API key hijack, no auth | 5.3 | |
| HIGH | CVE-2024-7714 | AYS ChatGPT WP Plugin: auth bypass disables AI service | 7.5 | |
| MEDIUM | CVE-2024-13698 | Jobify WP: missing authz allows OpenAI key abuse, SSRF | 6.5 | |
| MEDIUM | CVE-2025-29770 | vLLM: DoS via unbounded grammar cache exhausts disk | vllm | 6.5 |
| MEDIUM | CVE-2025-26265 | openairinterface5g: segfault enables DoS via crafted UE message | openairinterface5g | 6.5 |
| MEDIUM | CVE-2025-31843 | OpenAI WP Plugin: broken access control on AI settings | 4.3 |