Attack Type: Supply Chain
Supply chain attacks target the AI/ML software supply chain: compromised packages, poisoned model repositories, malicious dependencies, or tampered training data delivered through channels the victim trusts (package indexes, model hubs, CI/CD pipelines, binaries that a framework downloads at runtime). The entries below are the CVEs this site files under that category; note that several are deserialization or code-injection bugs in AI tooling whose exploit path runs through a fetched artifact rather than a network request.
461 total CVEs in this category, listed across 24 pages. This is page 12 of 24.
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| CRITICAL | CVE-2024-37014 | Langflow: unauthenticated RCE via custom component API | langflow | 9.8 |
| CRITICAL | CVE-2024-42835 | Langflow: Unauthenticated RCE via PythonCodeTool | langflow | 9.8 |
| UNKNOWN | CVE-2026-0771 | langflow: Code Injection enables RCE | langflow | - |
| UNKNOWN | CVE-2026-0772 | langflow: Deserialization enables RCE | langflow | - |
| HIGH | CVE-2024-14021 | llamaindex: Deserialization enables RCE | llamaindex | 7.8 |
| MEDIUM | CVE-2023-41626 | Gradio: arbitrary file upload via /upload endpoint | gradio | 4.8 |
| HIGH | CVE-2023-6572 | Gradio: command injection enables RCE on ML servers | gradio | 8.1 |
| HIGH | CVE-2024-1540 | Gradio: CI/CD command injection enables secrets exfil | gradio | 8.2 |
| CRITICAL | CVE-2024-4253 | Gradio: CI/CD command injection enables secrets exfiltration | gradio | 9.1 |
| UNKNOWN | CVE-2024-4254 | Gradio: secrets exfiltration via unsafe fork PR workflow | gradio | - |
| CRITICAL | CVE-2024-39236 | Gradio: code injection via component metadata | gradio | 9.8 |
| HIGH | CVE-2024-47867 | Gradio: no integrity check on FRP binary, supply chain RCE | gradio | 7.5 |
| HIGH | CVE-2024-10648 | Gradio: path traversal enables arbitrary file deletion DoS | gradio | 8.2 |
| HIGH | CVE-2026-21852 | claude_code: Weak Credentials allow account compromise | claude_code | 7.5 |
| MEDIUM | CVE-2026-25475 | OpenClaw: path traversal enables arbitrary file read | openclaw | 6.5 |
| CRITICAL | CVE-2026-25592 | semantic-kernel: Path Traversal enables file access | semantic-kernel | 9.9 |
| CRITICAL | CVE-2024-52803 | LlamaFactory: RCE via OS command injection in training | llamafactory | 9.8 |
| HIGH | CVE-2025-46567 | LLaMA-Factory: RCE via torch.load() unsafe deserialization | llamafactory | 7.8 |
| CRITICAL | CVE-2025-53002 | LLaMA-Factory: RCE via unsafe checkpoint deserialization | llamafactory | 9.8 |
| CRITICAL | CVE-2025-59528 | Flowise: Unauthenticated RCE via MCP config injection | flowise | 10.0 |
AI Threat Alert