AI Component

Inference

Inference-layer vulnerabilities target the serving infrastructure that runs ML models in production — including vLLM, TensorRT, Triton, and custom serving endpoints.

537

Total CVEs

Pages

Page 19 of 27

Current

Severity	CVE	Headline	Package	CVSS
HIGH	CVE-2025-55552	PyTorch: integer overflow in rot90+randn_like causes DoS	pytorch	7.5
HIGH	CVE-2025-55553	PyTorch 2.7.0: DoS via proxy_tensor.py syntax error	pytorch	7.5
MEDIUM	CVE-2025-55554	PyTorch: integer overflow in nan_to_num causes DoS	pytorch	5.3
HIGH	CVE-2025-55558	PyTorch: Inductor compiler buffer overflow causes DoS	pytorch	7.5
HIGH	CVE-2025-55560	PyTorch: DoS via sparse/dense tensor Inductor compile	pytorch	7.5
HIGH	CVE-2025-62164	vllm: Input Validation flaw enables exploitation	vllm	8.8
MEDIUM	CVE-2025-29770	vLLM: DoS via unbounded grammar cache exhausts disk	vllm	6.5
MEDIUM	CVE-2025-26265	openairinterface5g: segfault enables DoS via crafted UE message	openairinterface5g	6.5
CRITICAL	CVE-2025-53767	Azure OpenAI: SSRF EoP, no auth required (CVSS 10)	azure_openai	10.0
HIGH	CVE-2025-65805	OAI CN5G AMF: Unauthenticated buffer overflow, RCE/DoS	oai-cn5g-amf	7.5
HIGH	CVE-2025-66786	OAI CN5G AMF: unauthenticated JSON DoS on 5G SBI interface	oai-cn5g-amf	7.5
HIGH	CVE-2021-43831	Gradio: path traversal exposes host filesystem to users	gradio	7.7
HIGH	CVE-2022-24770	Gradio: CSV formula injection via flagging enables RCE	gradio	8.8
CRITICAL	CVE-2023-25823	Gradio: hardcoded SSH key leaks via share=True demos	gradio	9.8
HIGH	CVE-2023-51449	Gradio: path traversal grants arbitrary file read	gradio	7.5
CRITICAL	CVE-2024-34359	llama-cpp-python: SSTI in .gguf loader enables RCE		9.6
UNKNOWN	CVE-2024-4181	llama_index: RCE via eval() in RunGptLLM connector	llamaindex	-
HIGH	CVE-2025-48889	Gradio: unauthenticated file copy enables disk DoS	gradio	7.5
UNKNOWN	CVE-2024-3924	text-generation-inference: workflow injection RCE		-
HIGH	CVE-2025-24357	vLLM: unsafe deserialization RCE via model loading	vllm	8.8

Page 19 of 27

Previous Next

Related AI Components

Framework API Agent Model Training Data RAG

Inference

Related AI Components

Weekly CISO Take + top threats