AI Component

Training Data

Training data is both the model's most valuable input and its most underprotected one. Three problem classes dominate. First, poisoning: an attacker who can influence a public dataset, a web crawl, or a fine-tuning corpus can plant backdoors or biases that survive into the deployed model — BadNets-style attacks on image classifiers, trigger-phrase attacks on LLMs, and reward-hacking on RLHF datasets. Second, memorization and leakage: models can regurgitate verbatim training data, exposing PII and copyrighted content; this has driven the active New York Times v. OpenAI litigation and is a recurring GDPR concern. Third, provenance: when training data origins are unclear, downstream users inherit legal and security risk they can't assess. EU AI Act Article 10 (Data Governance) and ISO 42001 Annex A treat training-data quality as a controlled asset. Defenses: data lineage tracking, deduplication, PII scrubbing before training, and adversarial training against known trigger families.

196
Total CVEs
10
Pages
Page 8 of 10
Current
Severity CVE CVSS
MEDIUM GHSA-r54c-2xmf-2cf3 -
MEDIUM CVE-2025-51481 6.6
MEDIUM CVE-2025-3044 5.3
HIGH CVE-2025-30167 7.3
HIGH CVE-2025-47783 -
MEDIUM CVE-2025-0508 5.9
CRITICAL CVE-2024-8019 9.1
HIGH CVE-2024-10572 7.5
MEDIUM CVE-2025-1979 6.4
HIGH CVE-2025-25297 8.6
MEDIUM CVE-2025-25296 6.1
HIGH CVE-2025-25295 -
HIGH CVE-2024-49048 8.1
CRITICAL CVE-2023-6020 9.3
CRITICAL CVE-2023-6019 9.8
HIGH CVE-2021-39160 8.8
MEDIUM CVE-2022-36551 6.5
HIGH CVE-2025-15381 8.1
CRITICAL CVE-2026-0545 9.1
MEDIUM CVE-2026-35492 6.5

Page 8 of 10