AML.T0010.004
Container Registry
An adversary may compromise a victim's container registry by pushing a manipulated container image and overwriting an existing container name and/or tag. Users of the container registry as well as automated CI/CD pipelines may pull the adversary's container image, compromising their AI Supply Chain. This can affect development and deployment environments. Container images may include AI models, so the compromised image could have an AI model which was manipulated by the adversary (See [Manipulate AI Model](/techniques/AML.T0018)).
4 CVEs mapped
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| CRITICAL | CVE-2026-33475 | langflow: security flaw enables exploitation | langflow | 9.1 |
| HIGH | CVE-2026-33744 | BentoML: command injection in bentofile.yaml containerize | bentoml | 7.8 |
| HIGH | CVE-2025-14287 | mlflow: Code Injection enables RCE | mlflow | 7.5 |
| MEDIUM | CVE-2026-24123 | bentoml: Path Traversal enables file access | bentoml | 6.5 |