AI Threat Alert tracks 432 known AI/ML vulnerabilities affecting Google products — each enriched with CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis. Browse every Google CVE below, sorted by severity and recency.
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2021-37666 | TensorFlow: null-ptr deref in RaggedTensorToVariant op | tensorflow | 7.8 |
| HIGH | CVE-2021-37667 | TensorFlow: UnicodeEncode null deref, local code exec | tensorflow | 7.8 |
| HIGH | CVE-2021-37671 | TensorFlow: null-ptr deref in Map ops, local C/I/A:High | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37675 | TensorFlow: DoS via division by zero in conv ops | tensorflow | 5.5 |
| HIGH | CVE-2021-37676 | TensorFlow: null ptr deref in SparseFillEmptyRows op | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37680 | TFLite: division by zero crashes fully connected layers | tensorflow | 5.5 |
| HIGH | CVE-2021-37681 | TensorFlow Lite: null ptr deref crashes SVDF inference | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37686 | TFLite: infinite loop DoS via crafted strided slice model | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37688 | TensorFlow Lite: DoS via crafted TFLite model file | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37689 | TensorFlow Lite: MLIR null ptr deref crashes inference | tensorflow | 5.5 |
| HIGH | CVE-2021-37663 | TensorFlow: QuantizeV2 heap OOB/null-deref in quantization | tensorflow | 7.8 |
| HIGH | CVE-2021-37665 | TensorFlow MKL: null-ptr/heap-OOB in requantization ops | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37668 | TensorFlow: DoS via div-by-zero in UnravelIndex op | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37669 | TensorFlow: integer conversion DoS in NonMaxSuppression ops | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37670 | TensorFlow: heap OOB read in sorting ops | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37672 | TensorFlow: heap OOB read in SdcaOptimizerV2 | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37673 | TensorFlow: MapStage CHECK-fail causes process DoS | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37674 | TensorFlow: DoS via MaxPoolGrad invalid tensor input | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37677 | TensorFlow: DoS via invalid Dequantize axis argument | tensorflow | 5.5 |
| HIGH | CVE-2021-37678 | TensorFlow/Keras: RCE via YAML model deserialization | tensorflow | 8.8 |
Frequently asked questions
How many known vulnerabilities affect Google?
432 AI/ML CVEs affecting Google products are tracked, sourced from NVD and GitHub Advisory.
What Google products are affected?
The CVEs below map to the Google AI/ML packages and tools tracked by AI Threat Alert; open any CVE to see the affected components and versions.
Where does the Google vulnerability data come from?
Data is sourced from NVD and GitHub Advisory, then enriched with CVSS severity, EPSS exploit probability, and patch status for each CVE.
How can I monitor Google for new vulnerabilities?
AI Threat Alert tracks Google continuously; a Pro subscription adds breaking alerts when new CVEs affecting Google are published.
How do I assess Google's security exposure?
Each CVE below carries CVSS severity and exploitation signals, so you can review the highest-severity Google issues first and judge the exposure for your stack.