AI Threat Alert
Training Data
Training data is both the model's most valuable input and its most underprotected one. Three problem classes dominate. First, poisoning: an attacker who can influence a public dataset, a web crawl, or a fine-tuning corpus can plant backdoors or biases that survive into the deployed model — BadNets-style attacks on image classifiers, trigger-phrase attacks on LLMs, and reward-hacking on RLHF datasets. Second, memorization and leakage: models can regurgitate verbatim training data, exposing PII and copyrighted content; this has driven the active New York Times v. OpenAI litigation and is a recurring GDPR concern. Third, provenance: when training data origins are unclear, downstream users inherit legal and security risk they can't assess. EU AI Act Article 10 (Data Governance) and ISO 42001 Annex A treat training-data quality as a controlled asset. Defenses: data lineage tracking, deduplication, PII scrubbing before training, and adversarial training against known trigger families.
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| CRITICAL | CVE-2025-15031 | mlflow: Path Traversal enables file access | mlflow | 9.1 |
| HIGH | CVE-2026-28416 | gradio: SSRF allows internal network access | gradio | 8.6 |
| UNKNOWN | CVE-2018-10055 | TensorFlow XLA: heap overflow via crafted config file | tensorflow | - |
| UNKNOWN | CVE-2018-7577 | TensorFlow: Snappy memcpy overlap crash/mem disclosure | tensorflow | - |
| HIGH | CVE-2020-15195 | TensorFlow: heap overflow in sparse gradient op | tensorflow | 8.8 |
| CRITICAL | CVE-2020-15196 | TensorFlow: heap OOB read in sparse/ragged count ops | tensorflow | 9.9 |
| HIGH | CVE-2020-26267 | TensorFlow: OOB read in DataFormatVecPermute op | tensorflow | 7.8 |
| HIGH | CVE-2021-29512 | TensorFlow: heap buffer overflow in RaggedBincount op | tensorflow | 7.8 |
| HIGH | CVE-2021-29514 | TensorFlow: heap buffer overflow in RaggedBincount op | tensorflow | 7.8 |
| HIGH | CVE-2021-29520 | TensorFlow: heap buffer overflow in Conv3DBackprop ops | tensorflow | 7.8 |
| MEDIUM | CVE-2021-29524 | TensorFlow: div-by-zero DoS in Conv2D backprop op | tensorflow | 5.5 |
| HIGH | CVE-2021-29540 | TensorFlow: heap buffer overflow in Conv2D gradient op | tensorflow | 7.8 |
| HIGH | CVE-2021-29559 | TensorFlow: heap OOB read in UnicodeEncode leaks memory | tensorflow | 7.1 |
| HIGH | CVE-2021-29566 | TensorFlow: heap OOB write in Dilation2D training op | tensorflow | 7.8 |
| MEDIUM | CVE-2021-29572 | TensorFlow: null ptr deref crashes SdcaOptimizer op | tensorflow | 5.5 |
| MEDIUM | CVE-2021-29573 | TensorFlow: div-by-zero in MaxPoolGrad op causes DoS | tensorflow | 5.5 |
| HIGH | CVE-2021-29578 | TensorFlow: heap buffer overflow in FractionalAvgPoolGrad | tensorflow | 7.8 |
| HIGH | CVE-2021-29607 | TensorFlow: heap OOB write in SparseAdd op | tensorflow | 7.8 |
| HIGH | CVE-2021-29608 | TensorFlow: heap OOB in RaggedTensorToTensor op | tensorflow | 7.8 |
| HIGH | CVE-2021-29614 | TensorFlow: OOB write in decode_raw crashes interpreter | tensorflow | 7.8 |
Page 1 of 9