TensorFlow Vulnerabilities

pip ML Libraries

AI Threat Alert tracks 434 known vulnerabilities in TensorFlow, an AI/ML library in the pip ecosystem; 17 are rated critical. Each CVE includes CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis.

Risk Score: 67
Total CVEs: 434
Critical: 17
Ecosystem: pip
Last CVE: Sep 25, 2025
Patch Rate: 4%
Avg Time to Patch: 1372d
GitHub: 195,966 stars, 75,187 forks, 3,249 issues, 3,706 dependents; last push Jun 28, 2026
OpenSSF Scorecard 7.2/10

Known Vulnerabilities (434 total, page 6 of 18)

| Severity | CVE ID | Summary | CVSS | Published |
|---|---|---|---|---|
| MEDIUM | CVE-2022-29200 | TensorFlow: LSTMBlockCell DoS via invalid tensor rank | 5.5 | May 20, 2022 |
| MEDIUM | CVE-2022-29199 | TensorFlow: CHECK-fail DoS in LoadAndRemapMatrix op | 5.5 | May 20, 2022 |
| MEDIUM | CVE-2022-29198 | TensorFlow: DoS via sparse tensor input validation failure | 5.5 | May 20, 2022 |
| MEDIUM | CVE-2022-29197 | TensorFlow: DoS via UnsortedSegmentJoin input validation | 5.5 | May 20, 2022 |
| MEDIUM | CVE-2022-29196 | TensorFlow: DoS via invalid Conv3D filter input | 5.5 | May 20, 2022 |
| MEDIUM | CVE-2022-29195 | TensorFlow: StagePeek DoS via unvalidated index scalar | 5.5 | May 20, 2022 |
| MEDIUM | CVE-2022-29193 | TensorFlow: DoS via TensorSummaryV2 input validation failure | 5.5 | May 20, 2022 |
| MEDIUM | CVE-2022-29194 | TensorFlow: DoS via malformed DeleteSessionTensor input | 5.5 | May 20, 2022 |
| MEDIUM | CVE-2022-29192 | TensorFlow: DoS via QuantizeAndDequantize input validation | 5.5 | May 20, 2022 |
| MEDIUM | CVE-2022-29191 | TensorFlow: DoS via GetSessionTensor input validation | 5.5 | May 20, 2022 |
| MEDIUM | CVE-2022-23595 | TensorFlow XLA: null pointer dereference causes DoS | 6.5 | Feb 4, 2022 |
| MEDIUM | CVE-2022-23594 | TensorFlow MLIR: heap OOB via malicious SavedModel file | 5.5 | Feb 4, 2022 |
| HIGH | CVE-2022-23593 | TensorFlow MLIR-TFRT: DoS via scalar shape segfault | 7.5 | Feb 4, 2022 |
| HIGH | CVE-2022-23592 | TensorFlow: heap OOB read in type inference engine | 8.1 | Feb 4, 2022 |
| HIGH | CVE-2022-23591 | TensorFlow: SavedModel stack overflow via recursive GraphDef | 7.5 | Feb 4, 2022 |
| HIGH | CVE-2022-23590 | TensorFlow: DoS via malicious SavedModel GraphDef | 7.5 | Feb 4, 2022 |
| MEDIUM | CVE-2022-23589 | TensorFlow Grappler: DoS via malicious SavedModel | 6.5 | Feb 4, 2022 |
| MEDIUM | CVE-2022-23588 | TensorFlow: DoS via crafted SavedModel crashes Grappler | 6.5 | Feb 4, 2022 |
| CRITICAL | CVE-2022-23587 | TensorFlow: integer overflow in Grappler enables RCE | 9.8 | Feb 4, 2022 |
| MEDIUM | CVE-2022-23586 | TensorFlow: SavedModel DoS crashes Python interpreter | 6.5 | Feb 4, 2022 |
| MEDIUM | CVE-2022-23585 | TensorFlow: memory leak in PNG decode causes DoS | 6.5 | Feb 4, 2022 |
| MEDIUM | CVE-2022-23584 | TensorFlow: use-after-free in PNG decode causes DoS | 6.5 | Feb 4, 2022 |
| MEDIUM | CVE-2022-23583 | TensorFlow: SavedModel type confusion triggers DoS crash | 6.5 | Feb 4, 2022 |
| MEDIUM | CVE-2022-23582 | TensorFlow: SavedModel CHECK-fail causes DoS | 6.5 | Feb 4, 2022 |
| MEDIUM | CVE-2022-23581 | TensorFlow: DoS via Grappler optimizer CHECK failure | 6.5 | Feb 4, 2022 |

Showing 126–150 of 434

Frequently asked questions

What is TensorFlow?

TensorFlow is an AI/ML library in the pip ecosystem that AI Threat Alert tracks for security vulnerabilities.

How many known vulnerabilities does TensorFlow have?

TensorFlow has 434 known CVEs, 17 of them critical, tracked from NVD and GitHub Advisory.

Which ecosystem is TensorFlow distributed in?

TensorFlow is distributed via the pip ecosystem and categorized under ML libraries.

Where does the TensorFlow vulnerability data come from?

Vulnerability data is sourced from NVD and GitHub Advisory, enriched with CVSS, EPSS, exploit signals, and patch status for each CVE.

How do I assess the risk of TensorFlow?

Review each CVE in the list above: every entry shows CVSS severity, EPSS exploit probability, exploitation signals, and whether a patched version is available.
