AI Threat Alert
ATLAS Landscape
AML.T0002.000
Datasets
Adversaries may collect public datasets to use in their operations. Datasets used by the victim organization or datasets that are representative of the data used by the victim organization may be valuable to adversaries. Datasets can be stored in cloud storage, or on victim-owned websites. Some datasets require the adversary to [Establish Accounts](/techniques/AML.T0021) for access. Acquired datasets help the adversary advance their operations, stage attacks, and tailor attacks to the victim organization.
7 CVEs mapped
View on MITRE ATLAS →
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| CRITICAL | CVE-2024-27133 | MLflow: XSS in recipe runner enables Jupyter RCE | mlflow | 9.6 |
| CRITICAL | CVE-2025-62608 | mlx: security flaw enables exploitation | mlx | 9.1 |
| HIGH | CVE-2021-41226 | TensorFlow: heap OOB in SparseBinCount, crash/disclosure | tensorflow | 7.1 |
| MEDIUM | CVE-2024-55459 | Keras: path traversal enables arbitrary file write | keras | 6.5 |
| UNKNOWN | CVE-2025-12638 | Keras: Path Traversal enables file access | — | |
| HIGH | CVE-2026-23982 | — | ||
| HIGH | CVE-2026-41486 | Ray: Parquet RCE via Arrow extension deserialization | ray | — |