AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,140 AI/ML CVEs Tracked
171 Critical
228 New This Week
2 In CISA KEV


Latest AI Security Threats

Showing 50 of 171 results — Critical severity
| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| CRIT | CVE-2025-30404 | ExecuTorch integer overflow vulnerability | 9.8 | 0.2% | executorch | Aug 8 |
| CRIT | CVE-2025-54949 | ExecuTorch heap buffer overflow vulnerability | 9.8 | 0.2% | executorch | Aug 8 |
| CRIT | CVE-2025-54951 | ExecuTorch vulnerable to Heap-based Buffer... | 9.8 | 0.2% | executorch | Aug 8 |
| CRIT | CVE-2025-54950 | ExecuTorch out-of-bounds access vulnerability | 9.8 | 0.2% | executorch | Aug 8 |
| CRIT | CVE-2025-30405 | ExecuTorch integer overflow vulnerability | 9.8 | 0.2% | executorch | Aug 8 |
| CRIT | CVE-2025-53767 | Azure OpenAI Elevation of Privilege Vulnerability | 10.0 | | azure_openai | Aug 7 |
| CRIT | CVE-2025-45150 | Insecure permissions in LangChain-ChatGLM-Webui... | 9.8 | | langchain-chatglm-webui | Aug 1 |
| CRIT | CVE-2025-54381 | BentoML is a Python library for building online... | 9.9 | 0.5% | bentoml | Jul 29 |
| CRIT | CVE-2025-46059 | langchain-ai v0.3.51 was discovered to contain an... | 9.8 | | | Jul 29 |
| CRIT | CVE-2025-5120 | A sandbox escape vulnerability was identified in... | 10.0 | 0.3% | smolagents | Jul 27 |
| CRIT | CVE-2025-6853 | A vulnerability classified as critical has been... | 9.8 | 0.2% | langchain-chatchat | Jun 29 |
| CRIT | CVE-2025-53002 | LLaMA-Factory is a tuning library for large... | 9.8 | 1.6% | llamafactory | Jun 26 |
| CRIT | CVE-2025-2828 | A Server-Side Request Forgery (SSRF)... | 10.0 | 0.1% | langchain | Jun 23 |
| CRIT | CVE-2025-1793 | llama_index vulnerable to SQL Injection | 9.8 | 0.0% | llama-index | Jun 5 |
| CRIT | CVE-2025-47277 | vLLM, an inference and serving engine for large... | 9.8 | 0.9% | vllm | May 20 |
| CRIT | CVE-2025-47241 | Browser Use allows bypassing `allowed_domains` by... | 9.3 | 0.2% | browser-use | May 5 |
| CRIT | CVE-2025-32444 | vLLM is a high-throughput and memory-efficient... | 9.8 | 2.5% | vllm | Apr 30 |
| CRIT | GHSA-ggpf-24jw-3fcw | CVE-2025-24357 Malicious model remote code... | 9.8 | | vllm | Apr 23 |
| CRIT | CVE-2025-32434 | PyTorch is a Python package that provides tensor... | 9.8 | 1.2% | pytorch | Apr 18 |
| CRIT | CVE-2025-32428 | TigerVNC accessible via the network and not just... | | 0.2% | | Apr 12 |
| CRIT | CVE-2025-32375 | BentoML is a Python library for building online... | 9.8 | 67.3% | bentoml | Apr 9 |
| CRIT | CVE-2025-3248 | Langflow versions prior to 1.3.0 are susceptible... | 9.8 | 92.5% | langflow | Apr 7 |
| CRIT | CVE-2025-27520 | BentoML is a Python library for building online... | 9.8 | 87.3% | bentoml | Apr 4 |
| CRIT | CVE-2024-12029 | InvokeAI Deserialization of Untrusted Data... | 9.8 | 49.1% | | Mar 21 |
| CRIT | CVE-2024-9052 | vLLM deserialization vulnerability in... | 9.8 | 0.3% | vllm | Mar 20 |
| CRIT | CVE-2024-8019 | PyTorch Lightning path traversal vulnerability | 9.1 | 1.1% | pytorch-lightning | Mar 20 |
| CRIT | CVE-2024-11958 | LlamaIndex Retrievers Integration:... | 9.8 | 1.2% | | Mar 20 |
| CRIT | CVE-2024-9070 | A deserialization vulnerability exists in... | 9.8 | 0.3% | bentoml | Mar 20 |
| CRIT | CVE-2024-9053 | vllm-project vllm version 0.6.0 contains a... | 9.8 | 2.2% | vllm | Mar 20 |
| CRIT | CVE-2024-11041 | vllm-project vllm version v0.6.2 contains a... | 9.8 | 1.3% | vllm | Mar 20 |
| CRIT | CVE-2025-29783 | vLLM is a high-throughput and memory-efficient... | 9.0 | 1.7% | vllm | Mar 19 |
| CRIT | CVE-2025-1550 | The Keras Model.load_model function permits... | 9.8 | 4.8% | keras | Mar 11 |
| CRIT | CVE-2025-1945 | picklescan before 0.0.23 fails to detect... | 9.8 | 0.3% | picklescan | Mar 10 |
| CRIT | CVE-2025-25362 | Spacy-LLM Server-Side Template Injection (SSTI)... | 9.8 | 0.5% | | Mar 5 |
| CRIT | CVE-2023-25574 | LTI JupyterHub Authenticator does not properly... | 10.0 | 0.2% | | Feb 25 |
| CRIT | CVE-2024-12366 | PandasAI uses an interactive prompt function that... | 9.8 | 5.9% | | Feb 11 |
| CRIT | CVE-2024-52803 | LLama Factory enables fine-tuning of large... | 9.8 | 2.4% | llamafactory | Nov 21 |
| CRIT | CVE-2024-52384 | Unrestricted Upload of File with Dangerous Type... | 9.9 | | | Nov 14 |
| CRIT | CVE-2024-48061 | langflow <=1.0.18 is vulnerable to Remote Code... | 9.8 | 10.2% | langflow | Nov 4 |
| CRIT | CVE-2024-42835 | langflow v1.0.12 was discovered to contain a... | 9.8 | 16.2% | langflow | Oct 31 |
| CRIT | CVE-2024-48063 | In PyTorch <=2.4.1, the RemoteModule has... | 9.8 | | pytorch | Oct 29 |
| CRIT | CVE-2024-8309 | A vulnerability in the GraphCypherQAChain class... | 9.8 | 3.0% | langchain | Oct 29 |
| CRIT | CVE-2024-7774 | A path traversal vulnerability exists in the... | 9.1 | | langchain.js | Oct 29 |
| CRIT | CVE-2024-7042 | A vulnerability in the GraphCypherQAChain class... | 9.8 | | langchain | Oct 29 |
| CRIT | CVE-2024-49326 | Unrestricted Upload of File with Dangerous Type... | 9.8 | | affiliator | Oct 20 |
| CRIT | CVE-2024-47871 | Gradio is an open-source Python package designed... | 9.1 | 0.1% | gradio | Oct 10 |
| CRIT | CVE-2024-47167 | Gradio is an open-source Python package designed... | 9.8 | 0.2% | gradio | Oct 10 |
| CRIT | CVE-2024-46946 | langchain_experimental (aka LangChain... | 9.8 | | langchain-experimental | Sep 19 |
| CRIT | CVE-2024-41120 | streamlit-geospatial is a streamlit multipage app... | 9.8 | | streamlit-geospatial | Jul 26 |
| CRIT | CVE-2024-41119 | streamlit-geospatial is a streamlit multipage app... | 9.8 | | streamlit-geospatial | Jul 26 |
