AI Threat Alert
Attack Type
DoS
Denial of service attacks against AI systems exploit resource-intensive operations — large model inference, excessive tokenization, or recursive agent loops — to exhaust compute resources.
525
Total CVEs
27
Pages
Page 24 of 27
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2020-28975 | scikit-learn: DoS via crafted SVM model deserialization | scikit-learn | 7.5 |
| HIGH | CVE-2024-9056 | BentoML: DoS via multipart boundary exhausts server | bentoml | 7.5 |
| MEDIUM | CVE-2025-49595 | n8n: DoS via empty filesystem URI in binary-data API | n8n | 4.9 |
| MEDIUM | CVE-2025-52554 | n8n: broken authz enables cross-user workflow termination | n8n | 4.3 |
| HIGH | CVE-2024-4888 | litellm: arbitrary file deletion via audio endpoint | litellm | 8.1 |
| HIGH | CVE-2024-10188 | litellm: unauthenticated DoS crashes LLM proxy server | litellm | 7.5 |
| HIGH | CVE-2026-33155 | deepdiff: DoS causes service disruption | - | |
| HIGH | CVE-2026-25048 | xgrammar: security flaw enables exploitation | xgrammar | - |
| MEDIUM | CVE-2026-27482 | ray: Missing Auth allows unauthenticated access | ray | 5.9 |
| HIGH | CVE-2026-0897 | keras: Resource Exhaustion enables DoS | keras | - |
| MEDIUM | CVE-2025-6208 | llama-index-core: DoS causes service disruption | llama-index-core | 5.3 |
| HIGH | CVE-2026-1117 | lollms: Access Control bypass enables privilege escalation | lollms | 8.2 |
| MEDIUM | GHSA-m7j5-r2p5-c39r | picklescan: Deserialization enables RCE | picklescan | - |
| HIGH | GHSA-mcmc-2m55-j8jj | vllm: Input Validation flaw enables exploitation | vllm | 8.8 |
| LOW | CVE-2025-63681 | open-webui: Access Control bypass enables privilege escalation | open-webui | - |
| HIGH | CVE-2025-7707 | llama-index: world-writable NLTK dir allows local tampering | llama-index | 7.1 |
| MEDIUM | CVE-2025-61620 | vllm: DoS via Jinja template injection in chat API | vllm | 6.5 |
| MEDIUM | CVE-2025-58446 | xgrammar: DoS via oversized JSON schema grammar parsing | xgrammar | - |
| HIGH | CVE-2025-5302 | llama-index: JSON parsing DoS via deep recursion | llama-index-core | 8.6 |
| HIGH | CVE-2025-57809 | xgrammar: uncontrolled recursion in grammar parsing causes DoS | xgrammar | 7.5 |