scikit-learn Vulnerabilities

pip ML Libraries

AI Threat Alert tracks 3 known vulnerabilities in scikit-learn, 1 rated critical — an AI/ML ml libraries in the pip ecosystem. Each CVE includes CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis.

Data sources
64
Risk Score
3
Total CVEs
1
Critical
pip
Ecosystem
Jun 6, 2024
Last CVE
0%
Patch Rate
66,491 stars 27,119 forks 2,096 issues 29,217 dependents Last push Jun 27, 2026
View on GitHub
OpenSSF Scorecard 9.4/10

Known Vulnerabilities (3 total, page 1 of 1)

Frequently asked questions

What is scikit-learn?

scikit-learn is an AI/ML ml libraries tracked by AI Threat Alert for security vulnerabilities in the pip ecosystem.

How many known vulnerabilities does scikit-learn have?

scikit-learn has 3 known CVEs, 1 of them critical, tracked from NVD and GitHub Advisory.

Which ecosystem is scikit-learn distributed in?

scikit-learn is distributed via the pip ecosystem and categorized as ml libraries.

Where does the scikit-learn vulnerability data come from?

Vulnerability data is sourced from NVD and GitHub Advisory, enriched with CVSS, EPSS, exploit signals, and patch status for each CVE.

How do I assess the risk of scikit-learn?

Review each CVE below — every entry shows CVSS severity, EPSS exploit probability, exploitation signals, and whether a patched version is available.

Monitor scikit-learn in your stack

Get instant alerts when new vulnerabilities affect scikit-learn. CISO analysis, ATLAS technique mappings, and compliance reports included.

Start Monitoring