ATLAS Landscape
AML.T0044
Full AI Model Access
Adversaries may gain full "white-box" access to an AI model. This means the adversary has complete knowledge of the model architecture, its parameters, and class ontology. They may exfiltrate the model to [Craft Adversarial Data](/techniques/AML.T0043) and [Verify Attack](/techniques/AML.T0042) in an offline setting where it is hard to detect their behavior.
7 CVEs mapped
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| CRITICAL | CVE-2025-63389 | ollama: Missing Auth allows unauthenticated access | ollama | 9.8 |
| HIGH | CVE-2026-2033 | mlflow: Path Traversal enables file access | mlflow | 8.1 |
| HIGH | CVE-2025-30165 | vLLM: pickle RCE in multi-node inference deployments | vllm | 8.0 |
| HIGH | CVE-2021-37659 | TensorFlow: heap OOB in cwise ops enables local RCE | tensorflow | 7.8 |
| HIGH | CVE-2021-41201 | TensorFlow: uninitialized var in Einsum allows local RCE | tensorflow | 7.8 |
| MEDIUM | CVE-2025-2998 | PyTorch: memory corruption in RNN pad_packed_sequence | pytorch | 5.3 |
| MEDIUM | CVE-2020-15211 | TensorFlow Lite: heap OOB RW via flatbuffer tensor index | tensorflow | 4.8 |