Framework
AI/ML frameworks sit at the bottom of every AI stack — virtually every production AI system depends transitively on PyTorch or TensorFlow at the training layer, and on LangChain, LlamaIndex, or a similar orchestrator at the application layer. That concentration means a single vulnerability often affects tens of thousands of downstream services. The CVE patterns are recognisable: unsafe deserialization in model loading (the long tail of pickle), template injection in LangChain's prompt-construction utilities, SSRF in LlamaIndex's data-loader connectors, and path traversal in MLflow's experiment storage. PyTorch itself has shipped several high-severity CVEs around its distributed RPC layer. Because these libraries upgrade frequently and downstream applications pin loosely, patching is a real operational problem. AI Threat Alert tracks framework-level CVEs prominently because a single advisory often means urgent work for hundreds of teams.
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| MEDIUM | CVE-2022-23572 | TensorFlow: DoS via shape inference assertion failure | tensorflow | 6.5 |
| HIGH | CVE-2022-23573 | TensorFlow: uninitialized memory in AssignOp | tensorflow | 8.8 |
| HIGH | CVE-2022-23574 | TensorFlow: heap OOB read/write enables network RCE | tensorflow | 8.8 |
| MEDIUM | CVE-2022-23575 | TensorFlow: integer overflow in cost estimator → DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23576 | TensorFlow: integer overflow in cost estimator causes DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23577 | TensorFlow: null pointer deref crashes model loader | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23578 | TensorFlow: memory leak via invalid graph node | tensorflow | 4.3 |
| MEDIUM | CVE-2022-23579 | TensorFlow: DoS via Grappler optimizer CHECK failure | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23580 | TensorFlow: uncontrolled allocation DoS in shape inference | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23581 | TensorFlow: DoS via Grappler optimizer CHECK failure | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23582 | TensorFlow: SavedModel CHECK-fail causes DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23583 | TensorFlow: SavedModel type confusion triggers DoS crash | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23584 | TensorFlow: use-after-free in PNG decode causes DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23585 | TensorFlow: memory leak in PNG decode causes DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23586 | TensorFlow: SavedModel DoS crashes Python interpreter | tensorflow | 6.5 |
| CRITICAL | CVE-2022-23587 | TensorFlow: integer overflow in Grappler enables RCE | tensorflow | 9.8 |
| MEDIUM | CVE-2022-23588 | TensorFlow: DoS via crafted SavedModel crashes Grappler | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23589 | TensorFlow Grappler: DoS via malicious SavedModel | tensorflow | 6.5 |
| HIGH | CVE-2022-23590 | TensorFlow: DoS via malicious SavedModel GraphDef | tensorflow | 7.5 |
| HIGH | CVE-2022-23591 | TensorFlow: SavedModel stack overflow via recursive GraphDef | tensorflow | 7.5 |