AI Security Threat Feed
Latest CVEs and GitHub Security Advisories affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
AI/ML CVEs Tracked: 1,140
Critical: 171
New This Week: 228
In CISA KEV: 2
Latest AI Security Threats
Showing 50 of 377 results (filter: Medium severity). A dash in a cell means the feed has no value for it: EPSS is published only for CVE IDs, so GHSA-only entries never carry one, and a displayed 0.0% is a rounded value rather than a score of zero.

| Severity | ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| Medium | CVE-2025-3933 | A Regular Expression Denial of Service (ReDoS)... | 5.3 | 0.0% | transformers | Jul 11 |
| Medium | CVE-2025-6716 | The Photos, Files, YouTube, Twitter, Instagram,... | 6.4 | — | — | Jul 11 |
| Medium | CVE-2025-7021 | Fullscreen API Spoofing and UI Redressing in the... | 6.5 | — | operator | Jul 10 |
| Medium | CVE-2025-6211 | LlamaIndex vulnerable to data loss through hash... | 6.5 | 0.1% | llama-index | Jul 10 |
| Medium | CVE-2025-6210 | LlamaIndex vulnerability in its ObsidianReader... | 6.2 | 0.0% | — | Jul 7 |
| Medium | CVE-2025-5472 | LlamaIndex vulnerable to DoS attack through... | 6.5 | 0.1% | llama-index-core | Jul 7 |
| Medium | CVE-2025-3044 | LlamaIndex vulnerability in ArxivReader class can... | 5.3 | 0.1% | — | Jul 7 |
| Medium | CVE-2025-3264 | A Regular Expression Denial of Service (ReDoS)... | 5.3 | 0.0% | transformers | Jul 7 |
| Medium | CVE-2025-3263 | A Regular Expression Denial of Service (ReDoS)... | 5.3 | 0.0% | transformers | Jul 7 |
| Medium | CVE-2025-3108 | LlamaIndex has Incomplete Documentation of... | 5.0 | 1.1% | llama-index-core | Jul 7 |
| Medium | CVE-2025-52554 | n8n is a workflow automation platform. Prior to... | 4.3 | — | n8n | Jul 3 |
| Medium | CVE-2025-45809 | SQL Injection vulnerability in BerriAI LiteLLM... | 5.4 | — | litellm | Jul 3 |
| Medium | CVE-2025-49595 | n8n is a workflow automation platform. Prior to... | 4.9 | — | n8n | Jul 3 |
| Medium | CVE-2025-6854 | A vulnerability classified as problematic was... | 4.3 | 0.1% | langchain-chatchat | Jun 29 |
| Medium | CVE-2025-49592 | n8n is a workflow automation platform. Versions... | 5.4 | — | n8n | Jun 26 |
| Medium | CVE-2025-52967 | gateway_proxy_handler in MLflow before 3.1.0... | 5.8 | 0.1% | mlflow | Jun 23 |
| Medium | CVE-2025-48944 | vLLM is an inference and serving engine for large... | 6.5 | 0.1% | vllm | May 30 |
| Medium | CVE-2025-48943 | vLLM is an inference and serving engine for large... | 6.5 | 0.1% | vllm | May 30 |
| Medium | CVE-2025-48942 | vLLM is an inference and serving engine for large... | 6.5 | 0.1% | vllm | May 30 |
| Medium | CVE-2025-48887 | vLLM, an inference and serving engine for large... | 6.5 | 0.1% | vllm | May 30 |
| Medium | GHSA-j828-28rj-hfhp | vLLM vulnerable to Regular Expression Denial of... | 4.3 | — | vllm | May 28 |
| Medium | CVE-2025-1194 | A Regular Expression Denial of Service (ReDoS)... | 6.5 | 0.1% | transformers | Apr 29 |
| Medium | CVE-2025-46343 | n8n is a workflow automation platform. Prior to... | 5.4 | — | n8n | Apr 29 |
| Medium | CVE-2025-3730 | A vulnerability, which was classified as... | 5.5 | 0.1% | pytorch | Apr 16 |
| Medium | GHSA-hf3c-wxg2-49q9 | vLLM vulnerable to Denial of Service by abusing... | 6.5 | — | vllm | Apr 15 |
| Medium | CVE-2025-32381 | xgrammar Vulnerable to Denial of Service (DoS) by... | 6.5 | 0.3% | xgrammar | Apr 9 |
| Medium | GHSA-v7x6-rv5q-mhwc | Picklescan missing detection when calling... | — | — | picklescan | Apr 7 |
| Medium | GHSA-fj43-3qmq-673f | Picklescan failed to detect to some unsafe global... | — | — | picklescan | Apr 7 |
| Medium | CVE-2025-3121 | A vulnerability classified as problematic has... | 5.5 | — | pytorch | Apr 2 |
| Medium | CVE-2025-31843 | Missing Authorization vulnerability in Wilson... | 4.3 | — | — | Apr 1 |
| Medium | CVE-2025-3001 | A vulnerability classified as critical was found... | 5.3 | — | pytorch | Mar 31 |
| Medium | CVE-2025-3000 | A vulnerability classified as critical has been... | 5.3 | — | pytorch | Mar 31 |
| Medium | CVE-2025-2999 | A vulnerability was found in PyTorch 2.6.0. It... | 5.3 | — | pytorch | Mar 31 |
| Medium | CVE-2025-2998 | A vulnerability was found in PyTorch 2.6.0. It... | 5.3 | — | pytorch | Mar 31 |
| Medium | CVE-2025-2953 | A vulnerability, which was classified as... | 5.5 | 0.2% | pytorch | Mar 30 |
| Medium | CVE-2025-0508 | SageMaker Workflow component allows possibility... | 5.9 | 0.1% | sagemaker | Mar 20 |
| Medium | CVE-2024-7045 | Open WebUI Has Improper Access Control Leading to... | 4.3 | 0.1% | open-webui | Mar 20 |
| Medium | CVE-2024-7035 | Open WebUI Vulnerable to Cross-Site Request... | 6.9 | 0.0% | open-webui | Mar 20 |
| Medium | CVE-2024-7046 | Open WebUI Allows Viewing of Admin Details | 4.3 | 0.1% | open-webui | Mar 20 |
| Medium | CVE-2024-7034 | Open WebUI Allows Arbitrary File Write via the... | 6.5 | 3.0% | open-webui | Mar 20 |
| Medium | CVE-2024-7033 | Open WebUI Allows Arbitrary File Write via the... | 6.5 | 1.2% | open-webui | Mar 20 |
| Medium | CVE-2024-7044 | Open WebUI Vulnerable to Cross-Site Scripting... | 6.8 | 0.3% | open-webui | Mar 20 |
| Medium | CVE-2024-12910 | LlamaIndex Uncontrolled Resource Consumption... | 5.9 | 0.3% | llama-index | Mar 20 |
| Medium | GHSA-564p-rx2q-4c8v | BentoML Open Redirect vulnerability | 6.1 | — | bentoml | Mar 20 |
| Medium | CVE-2025-1474 | In mlflow/mlflow version 2.18, an admin is able... | 5.5 | 0.1% | mlflow | Mar 20 |
| Medium | CVE-2024-8021 | An open redirect vulnerability exists in the... | 6.1 | 2.7% | gradio | Mar 20 |
| Medium | CVE-2024-6838 | In mlflow/mlflow version v2.13.2, a vulnerability... | 5.3 | 0.1% | mlflow | Mar 20 |
| Medium | CVE-2024-6577 | In the latest version of pytorch/serve, the... | 6.3 | 0.1% | — | Mar 20 |
| Medium | CVE-2024-12217 | A vulnerability in the gradio-app/gradio... | 5.3 | 0.1% | gradio | Mar 20 |
| Medium | CVE-2024-10940 | A vulnerability in langchain-core versions... | 5.3 | 0.1% | langchain-core | Mar 20 |
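A feed like this is only useful once it is matched against what you actually run. The following is an added example, not code from the feed's operator or from any of the listed projects: it takes a handful of rows copied from the table above (severity, ID, CVSS, EPSS, package, date), parses a constructed `pip freeze` listing, normalizes package names the way pip does (case and the `-`/`_`/`.` separators are equivalent), and ranks the hits by EPSS first and CVSS second, with missing scores sorting last. The `pip freeze` text and the `triage`/`Finding` names are assumptions made for the demonstration. Because the table shows no affected-version ranges, a hit means "this package is installed, confirm the range against the advisory", not "confirmed vulnerable".

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Rows copied from the feed table above: (severity, advisory ID, CVSS, EPSS, package, date).
# Summaries are omitted; "—" is the feed's marker for a missing value.
FEED_ROWS = [
    ("Medium", "CVE-2025-3933", "5.3", "0.0%", "transformers", "Jul 11"),
    ("Medium", "CVE-2025-6716", "6.4", "—", "—", "Jul 11"),
    ("Medium", "CVE-2025-6211", "6.5", "0.1%", "llama-index", "Jul 10"),
    ("Medium", "CVE-2025-5472", "6.5", "0.1%", "llama-index-core", "Jul 7"),
    ("Medium", "CVE-2025-3108", "5.0", "1.1%", "llama-index-core", "Jul 7"),
    ("Medium", "CVE-2025-45809", "5.4", "—", "litellm", "Jul 3"),
    ("Medium", "CVE-2025-52967", "5.8", "0.1%", "mlflow", "Jun 23"),
    ("Medium", "CVE-2025-48944", "6.5", "0.1%", "vllm", "May 30"),
    ("Medium", "GHSA-j828-28rj-hfhp", "4.3", "—", "vllm", "May 28"),
    ("Medium", "CVE-2024-7034", "6.5", "3.0%", "open-webui", "Mar 20"),
    ("Medium", "CVE-2024-8021", "6.1", "2.7%", "gradio", "Mar 20"),
    ("Medium", "CVE-2024-10940", "5.3", "0.1%", "langchain-core", "Mar 20"),
]

# Constructed `pip freeze` output for the demonstration; not taken from the page.
# Mixed case and underscores are deliberate: pip treats them as equivalent.
PIP_FREEZE = """\
Transformers==4.41.0
llama_index_core==0.10.1
vllm==0.4.2
requests==2.32.0
Open_WebUI==0.1.0
"""


@dataclass
class Finding:
    advisory_id: str
    package: str            # normalized name
    installed_version: str
    cvss: Optional[float]   # None when the feed shows no score
    epss: Optional[float]   # probability in [0, 1]; None when the feed shows no score
    severity: str


def normalize(name: str) -> str:
    """PEP 503 normalization: lowercase, runs of '-', '_' and '.' collapse to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_score(text: str) -> Optional[float]:
    """'5.3' -> 5.3; '0.1%' -> 0.001; '—', '-' or empty -> None."""
    text = text.strip()
    if text in ("", "—", "-"):
        return None
    if text.endswith("%"):
        return float(text[:-1]) / 100.0
    return float(text)


def parse_freeze(text: str) -> Dict[str, str]:
    """Map normalized package name -> pinned version from `pip freeze` output."""
    installed: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "==" not in line:
            continue  # comments, editable installs, VCS URLs are skipped here
        name, version = line.split("==", 1)
        installed[normalize(name)] = version
    return installed


def triage(rows, freeze_text: str) -> List[Finding]:
    """Return feed rows whose package is installed, most exploitable first."""
    installed = parse_freeze(freeze_text)
    findings: List[Finding] = []
    for severity, adv_id, cvss, epss, package, _date in rows:
        if package in ("—", "-", ""):
            continue  # no package mapping in the feed; needs manual review
        key = normalize(package)
        if key in installed:
            findings.append(Finding(adv_id, key, installed[key],
                                    parse_score(cvss), parse_score(epss), severity))
    # EPSS (exploitation likelihood) outranks CVSS (impact); unknown scores sort last.
    findings.sort(key=lambda f: (-(f.epss or 0.0), -(f.cvss or 0.0), f.advisory_id))
    return findings


if __name__ == "__main__":
    for f in triage(FEED_ROWS, PIP_FREEZE):
        epss = f"{f.epss:.1%}" if f.epss is not None else "n/a"
        print(f"{f.advisory_id:22} {f.package:18} {f.installed_version:8} "
              f"CVSS={f.cvss} EPSS={epss}  -> check affected range")
```

Sorting on EPSS before CVSS is the point of having both columns in the feed: in the rows above, the Open WebUI arbitrary file write (EPSS 3.0%) lands ahead of the vLLM and LlamaIndex DoS entries despite the same CVSS, and the GHSA-only entry, which has no EPSS, falls to the bottom rather than being silently treated as zero risk.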