Scikit-Learn
AI Threat Alert tracks 3 known AI/ML vulnerabilities affecting Scikit-Learn products — each enriched with CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis. Browse every Scikit-Learn CVE below, sorted by severity and recency.
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| CRITICAL | CVE-2020-13092 | scikit-learn: RCE via malicious joblib model deserialization | scikit-learn | 9.8 |
| HIGH | CVE-2020-28975 | scikit-learn: DoS via crafted SVM model deserialization | scikit-learn | 7.5 |
| MEDIUM | CVE-2024-5206 | scikit-learn: TfidfVectorizer leaks training data tokens | scikit-learn | 4.7 |
Frequently asked questions
How many known vulnerabilities affect Scikit-Learn?
3 AI/ML CVEs affecting Scikit-Learn products are tracked, sourced from NVD and GitHub Advisory.
What Scikit-Learn products are affected?
The CVEs below map to the Scikit-Learn AI/ML packages and tools tracked by AI Threat Alert; open any CVE to see the affected components and versions.
Where does the Scikit-Learn vulnerability data come from?
Data is sourced from NVD and GitHub Advisory, then enriched with CVSS severity, EPSS exploit probability, and patch status for each CVE.
How can I monitor Scikit-Learn for new vulnerabilities?
AI Threat Alert tracks Scikit-Learn continuously; a Pro subscription adds breaking alerts when new CVEs affecting Scikit-Learn are published.
How do I assess Scikit-Learn's security exposure?
Each CVE below carries CVSS severity and exploitation signals, so you can review the highest-severity Scikit-Learn issues first and judge the exposure for your stack.