AI Threat Alert
Attack Type
DoS
Denial of service attacks against AI systems exploit resource-intensive operations — large model inference, excessive tokenization, or recursive agent loops — to exhaust compute resources.
525
Total CVEs
27
Pages
Page 23 of 27
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2024-8063 | ollama: divide-by-zero DoS via crafted GGUF model import | ollama | 7.5 |
| HIGH | CVE-2025-0312 | Ollama: null pointer DoS via malicious GGUF model upload | ollama | 7.5 |
| HIGH | CVE-2025-0315 | Ollama: GGUF model upload causes memory exhaustion DoS | ollama | 7.5 |
| HIGH | CVE-2025-0317 | Ollama: DoS via malicious GGUF model file upload | ollama | 7.5 |
| UNKNOWN | CVE-2025-1975 | Ollama: DoS via malicious manifest in /api/pull | ollama | - |
| MEDIUM | CVE-2025-44779 | Ollama: arbitrary file deletion via /api/pull | ollama | 6.6 |
| HIGH | CVE-2025-15514 | ollama: security flaw enables exploitation | ollama | 7.5 |
| HIGH | CVE-2025-66959 | ollama: Input Validation flaw enables exploitation | ollama | 7.5 |
| HIGH | CVE-2025-66960 | ollama: Input Validation flaw enables exploitation | ollama | 7.5 |
| MEDIUM | CVE-2024-9277 | Langflow: ReDoS crashes LLM workflow backend via HTTP POST | langflow | 6.5 |
| HIGH | CVE-2024-58339 | llamaindex: Resource Exhaustion enables DoS | llamaindex | 7.5 |
| UNKNOWN | CVE-2024-1727 | Gradio: CSRF enables disk exhaustion via file upload DoS | gradio | - |
| HIGH | CVE-2024-10569 | Gradio: zip bomb DoS via dataframe CSV upload | gradio | 7.5 |
| HIGH | CVE-2024-10624 | Gradio: ReDoS in DateTime causes CPU exhaustion DoS | gradio | 7.5 |
| HIGH | CVE-2024-10648 | Gradio: path traversal enables arbitrary file deletion DoS | gradio | 8.2 |
| UNKNOWN | CVE-2024-10650 | ChuanhuChatGPT: DoS via multipart payload exhaustion | chuanhuchatgpt | - |
| HIGH | CVE-2024-8966 | Gradio: DoS via malformed multipart boundary | video | 7.5 |
| UNKNOWN | CVE-2025-0187 | Gradio: DoS via oversized upload filename | gradio | - |
| HIGH | CVE-2026-0621 | mcp_typescript_sdk: security flaw enables exploitation | 7.5 | |
| HIGH | CVE-2025-30358 | Mesop: class pollution enables DoS and LLM jailbreak | 8.1 |