AI Threat Alert
Attack Type
DoS
Denial of service attacks against AI systems exploit resource-intensive operations — large model inference, excessive tokenization, or recursive agent loops — to exhaust compute resources.
525
Total CVEs
27
Pages
Page 21 of 27
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| MEDIUM | CVE-2025-12360 | Better: security flaw enables exploitation | 4.3 | |
| HIGH | CVE-2025-65805 | OAI CN5G AMF: Unauthenticated buffer overflow, RCE/DoS | oai-cn5g-amf | 7.5 |
| HIGH | CVE-2025-66786 | OAI CN5G AMF: unauthenticated JSON DoS on 5G SBI interface | oai-cn5g-amf | 7.5 |
| HIGH | CVE-2024-12911 | llama-index: SQLi+DoS via prompt injection in query engine | llamaindex | 7.1 |
| HIGH | CVE-2025-48889 | Gradio: unauthenticated file copy enables disk DoS | gradio | 7.5 |
| HIGH | CVE-2025-6921 | Transformers: ReDoS in optimizer halts training pipelines | transformers | 7.5 |
| HIGH | CVE-2025-62609 | mlx: security flaw enables exploitation | mlx | 7.5 |
| HIGH | CVE-2022-0736 | MLflow: insecure temp file handling causes DoS | mlflow | 7.5 |
| HIGH | CVE-2024-1560 | MLflow: path traversal allows arbitrary directory deletion | mlflow | 8.1 |
| MEDIUM | CVE-2024-3099 | MLflow: URL encoding bypass enables model poisoning | mlflow | 5.4 |
| MEDIUM | CVE-2024-6838 | MLflow: unconstrained input causes UI denial of service | mlflow | 5.3 |
| HIGH | CVE-2025-0453 | MLflow: GraphQL DoS disables ML tracking server | mlflow | 7.5 |
| MEDIUM | CVE-2023-2800 | Transformers: temp file race condition allows local DoS | transformers | 4.7 |
| HIGH | CVE-2024-12720 | Transformers: ReDoS in Nougat tokenizer causes DoS | transformers | 7.5 |
| MEDIUM | CVE-2025-1194 | transformers: ReDoS in GPT-NeoX Japanese tokenizer | transformers | 6.5 |
| HIGH | CVE-2025-2099 | transformers: ReDoS in testing_utils causes DoS | transformers | 7.5 |
| HIGH | CVE-2025-3262 | Transformers: ReDoS in chat.py causes CPU exhaustion | transformers | 7.5 |
| HIGH | CVE-2026-0599 | text-generation: DoS causes service disruption | 7.5 | |
| MEDIUM | CVE-2025-3263 | Transformers: ReDoS in config loader causes serving DoS | transformers | 5.3 |
| MEDIUM | CVE-2025-3264 | Transformers: ReDoS in dynamic module loader causes DoS | transformers | 5.3 |