AI Component

Framework

AI/ML frameworks (LangChain, PyTorch, TensorFlow, etc.) are the foundational libraries for building AI applications. Vulnerabilities here have wide blast radius due to high adoption.

1220

Total CVEs

Pages

Page 43 of 61

Current

Severity	CVE	Headline	Package	CVSS
HIGH	CVE-2025-5173	label-studio-ml: PyTorch .pt deserialization RCE in YOLO loader	label-studio-ml	7.8
MEDIUM	CVE-2023-27562	n8n: path traversal allows arbitrary file read	n8n	6.5
HIGH	CVE-2023-27563	n8n: privilege escalation exposes full workflow admin	n8n	8.8
HIGH	CVE-2023-27564	n8n: unauthenticated info disclosure exposes credentials	n8n	7.5
MEDIUM	CVE-2025-46343	n8n: stored XSS enables account takeover	n8n	5.4
MEDIUM	CVE-2025-49592	n8n: open redirect enables phishing via login flow	n8n	5.4
MEDIUM	CVE-2025-49595	n8n: DoS via empty filesystem URI in binary-data API	n8n	4.9
MEDIUM	CVE-2025-52554	n8n: broken authz enables cross-user workflow termination	n8n	4.3
MEDIUM	CVE-2025-52478	n8n: Stored XSS enables full account takeover	n8n	5.4
MEDIUM	CVE-2025-57749	n8n: symlink traversal enables arbitrary file read/write	n8n	6.5
CRITICAL	CVE-2025-55526	n8n-workflows: path traversal in download_workflow endpoint	fastapi	9.1
HIGH	CVE-2025-56265	n8n: unrestricted file upload RCE via Chat Trigger	n8n	8.8
HIGH	CVE-2025-62726	n8n: security flaw enables exploitation	n8n	8.8
HIGH	CVE-2025-65964	n8n: security flaw enables exploitation	n8n	8.8
HIGH	CVE-2025-68613	n8n: security flaw enables exploitation	n8n	8.8
MEDIUM	CVE-2025-61914	n8n: XSS enables session hijacking	n8n	5.4
CRITICAL	CVE-2025-68668	n8n: Protection Bypass circumvents security controls	n8n	9.9
MEDIUM	CVE-2025-68697	n8n: security flaw enables exploitation	n8n	5.4
CRITICAL	CVE-2026-21858	n8n: Input Validation flaw enables exploitation	n8n	10.0
CRITICAL	CVE-2026-21877	n8n: Code Injection enables RCE	n8n	9.9

Page 43 of 61

Previous Next

Related AI Components

API Agent Model Inference Training Data RAG

Framework

Related AI Components

Weekly CISO Take + top threats