AI Threat Alert
ATLAS Landscape
AML.T0073
Impersonation
Adversaries may impersonate a trusted person or organization in order to persuade and trick a target into performing some action on their behalf. For example, adversaries may communicate with victims (via [Phishing](/techniques/AML.T0052), or [Spearphishing via Social Engineering LLM](/techniques/AML.T0052.000)) while impersonating a known sender such as an executive, colleague, or third-party vendor. Established trust can then be leveraged to accomplish an adversary's ultimate goals, possibly against multiple victims. Adversaries may target resources that are part of the AI DevOps lifecycle, such as model repositories, container registries, and software registries.
6 CVEs mapped
View on MITRE ATLAS →
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2025-30358 | Mesop: class pollution enables DoS and LLM jailbreak | 8.1 | |
| HIGH | CVE-2025-64496 | open-webui: Code Injection enables RCE | open-webui | 7.3 |
| MEDIUM | CVE-2025-7021 | OpenAI Operator: fullscreen spoofing captures credentials | operator | 6.5 |
| MEDIUM | GHSA-564p-rx2q-4c8v | BentoML: open redirect exposes ML teams to phishing | bentoml | 6.1 |
| MEDIUM | CVE-2026-28415 | gradio: Info Disclosure leaks sensitive data | gradio | 4.7 |
| LOW | CVE-2025-50736 | pdf2zh: security flaw enables exploitation | — |