AI Threat Alert
AI Component
Model
Model-level vulnerabilities affect the trained weights, architectures, or inference behavior of AI/ML models — including adversarial robustness, backdoor attacks, and model extraction.
220
Total CVEs
11
Pages
Page 11 of 11
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| MEDIUM | CVE-2025-54952 | ExecuTorch: integer overflow enables RCE via model loading | executorch | - |
| MEDIUM | GHSA-r54c-2xmf-2cf3 | ms-swift: RCE via pickle deserialization in adapter models | - | |
| CRITICAL | CVE-2024-12029 | InvokeAI: RCE via unsafe torch.load deserialization | 9.8 | |
| CRITICAL | GHSA-ggpf-24jw-3fcw | vLLM: RCE via malicious model, PyTorch < 2.6 bypass | vllm | 9.8 |
| MEDIUM | GHSA-v7x6-rv5q-mhwc | picklescan: bypass allows silent RCE in ML pipelines | picklescan | - |
| MEDIUM | GHSA-fj43-3qmq-673f | picklescan: numpy bypass enables RCE in ML model pipelines | picklescan | - |
| HIGH | CVE-2025-46417 | picklescan: scanner bypass enables DNS data exfiltration | picklescan | - |
| HIGH | CVE-2024-7776 | ONNX: path traversal in download_model enables RCE | onnx | 8.1 |
| MEDIUM | CVE-2025-1716 | picklescan: scanner bypass enables supply chain RCE | picklescan | - |
| MEDIUM | CVE-2025-1889 | picklescan: extension bypass enables RCE on model load | picklescan | - |
| HIGH | CVE-2024-5187 | ONNX: path traversal in model download enables RCE | onnx | 8.8 |
| CRITICAL | CVE-2023-6020 | Ray: unauthenticated LFI exposes entire filesystem | ray | 9.3 |
| HIGH | CVE-2026-27893 | vLLM: trust_remote_code bypass enables RCE | vllm | 8.8 |
| UNKNOWN | CVE-2026-27489 | ONNX: symlink path traversal allows arbitrary file read | onnx | - |
| HIGH | CVE-2026-34445 | ONNX: property overwrite via crafted model file | onnx | 8.6 |
| MEDIUM | CVE-2026-34446 | ONNX: hardlink path traversal leaks sensitive files | onnx | 4.7 |
| MEDIUM | CVE-2026-34447 | ONNX: symlink traversal reads host files via model loading | onnx | 5.5 |
| HIGH | GHSA-q56x-g2fj-4rj6 | onnx: TOCTOU symlink following enables arbitrary file write | onnx | 7.1 |
| MEDIUM | CVE-2026-33865 | MLflow: stored XSS via MLmodel YAML artifact upload | mlflow | - |
| MEDIUM | CVE-2026-33866 | MLflow: auth bypass exposes model artifacts across experiments | mlflow | - |
Page 11 of 11