AI Threat Alert
AI Component
Inference
Inference-layer vulnerabilities target the serving infrastructure that runs ML models in production — including vLLM, TensorRT, Triton, and custom serving endpoints.
537
Total CVEs
27
Pages
Page 27 of 27
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| MEDIUM | GHSA-68f8-9mhj-h2mp | OpenClaw: HTTP scope bypass enables model enumeration | openclaw | - |
| CRITICAL | CVE-2026-0596 | MLflow: command injection via model_uri in mlserver mode | 9.6 | |
| HIGH | CVE-2026-34445 | ONNX: property overwrite via crafted model file | onnx | 8.6 |
| MEDIUM | CVE-2026-34760 | vLLM: audio downmix mismatch enables adversarial input | 5.9 | |
| MEDIUM | GHSA-9q7v-8mr7-g23p | OpenClaw: SSRF in marketplace fetch hits internal AI infra | openclaw | - |
| MEDIUM | CVE-2026-34756 | vLLM: DoS via unbounded n parameter causes OOM crash | vllm | 6.5 |
| CRITICAL | CVE-2026-35030 | LiteLLM: auth bypass via JWT cache key collision | litellm | 9.1 |
| UNKNOWN | CVE-2026-35029 | LiteLLM: auth bypass allows RCE and full takeover | litellm | - |
| MEDIUM | CVE-2026-34755 | vLLM: OOM DoS via unbounded video frame decoding | vllm | 6.5 |
| MEDIUM | CVE-2026-34753 | vLLM: SSRF in batch API exposes cloud metadata endpoints | vllm | 5.4 |
| MEDIUM | CVE-2026-5530 | Ollama: SSRF in Model Pull API enables network pivot | 6.3 | |
| UNKNOWN | CVE-2026-34940 | KubeAI: RCE via shell injection in Ollama startup probe | - | |
| HIGH | CVE-2026-35485 | text-generation-webui: unauthenticated path traversal file read | gradio | 7.5 |
| HIGH | GHSA-69x8-hrgq-fjj8 | LiteLLM: auth bypass chain enables full privilege escalation | litellm | - |
| MEDIUM | CVE-2026-39411 | LobeChat: auth bypass via forged XOR obfuscated header | @lobehub/lobehub | 5.0 |
| HIGH | CVE-2026-40217 | LiteLLM: RCE via bytecode rewriting in guardrails API | litellm | 8.8 |
| MEDIUM | CVE-2026-40086 | rembg: path traversal exposes arbitrary files via HTTP API | rembg | 5.3 |
Page 27 of 27