AI Threat Alert
AI Component
Inference
Inference-layer vulnerabilities target the serving infrastructure that runs ML models in production — including vLLM, TensorRT, Triton, and custom serving endpoints.
537
Total CVEs
27
Pages
Page 25 of 27
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2026-1117 | lollms: Access Control bypass enables privilege escalation | lollms | 8.2 |
| HIGH | CVE-2026-22607 | fickling: Allowlist Bypass evades input filtering | fickling | - |
| HIGH | GHSA-mcmc-2m55-j8jj | vllm: Input Validation flaw enables exploitation | vllm | 8.8 |
| HIGH | CVE-2025-67729 | lmdeploy: Deserialization enables RCE | 8.8 | |
| LOW | CVE-2025-63681 | open-webui: Access Control bypass enables privilege escalation | open-webui | - |
| CRITICAL | CVE-2025-34351 | ray: security flaw enables exploitation | ray | - |
| HIGH | CVE-2025-64496 | open-webui: Code Injection enables RCE | open-webui | 7.3 |
| MEDIUM | CVE-2025-61620 | vllm: DoS via Jinja template injection in chat API | vllm | 6.5 |
| UNKNOWN | CVE-2026-33401 | Wallos: SSRF allows internal network access | - | |
| HIGH | CVE-2025-30402 | ExecuTorch: heap overflow in method load, RCE risk | executorch | 8.1 |
| CRITICAL | CVE-2023-48022 | Ray: unauthenticated RCE via job submission API | ray | 9.8 |
| MEDIUM | CVE-2025-58446 | xgrammar: DoS via oversized JSON schema grammar parsing | xgrammar | - |
| HIGH | CVE-2025-57809 | xgrammar: uncontrolled recursion in grammar parsing causes DoS | xgrammar | 7.5 |
| HIGH | CVE-2025-9141 | vLLM: RCE via eval() in Qwen3 Coder tool parser | vllm | 8.8 |
| CRITICAL | CVE-2025-54950 | ExecuTorch: OOB read in model loader enables RCE | executorch | 9.8 |
| CRITICAL | CVE-2025-54951 | ExecuTorch: heap buffer overflow RCE in model loading | executorch | 9.8 |
| CRITICAL | CVE-2025-30405 | ExecuTorch: integer overflow in model load → RCE | executorch | 9.8 |
| CRITICAL | CVE-2025-30404 | ExecuTorch: integer overflow RCE on model load | executorch | 9.8 |
| MEDIUM | CVE-2025-54952 | ExecuTorch: integer overflow enables RCE via model loading | executorch | - |
| MEDIUM | GHSA-j828-28rj-hfhp | vllm: ReDoS in inference endpoints enables DoS | vllm | 4.3 |