AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,140 AI/ML CVEs tracked
171 critical
228 new this week
2 in CISA KEV

Latest AI Security Threats

Showing 50 of 1140 results
| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| HIGH | CVE-2025-64439 | LangGraph Checkpoint affected by RCE in "json"... | | 0.8% | | Nov 5 |
| MEDIUM | CVE-2025-12695 | The overly permissive sandbox configuration in... | 5.9 | 0.0% | | Nov 4 |
| HIGH | CVE-2025-62726 | n8n is an open source workflow automation... | 8.8 | | n8n | Oct 30 |
| CRITICAL | CVE-2025-12060 | The keras.utils.get_file API in Keras, when used... | 9.8 | 0.1% | keras | Oct 30 |
| LOW | CVE-2025-50736 | Byaidu PDFMathTranslate vulnerable to open... | | 0.0% | | Oct 30 |
| HIGH | CVE-2025-64104 | LangGraph SQLite Checkpoint Filter Key SQL... | 7.3 | 0.1% | | Oct 29 |
| UNKNOWN | CVE-2025-11203 | LiteLLM Information health API_KEY Information... | | | | Oct 29 |
| CRITICAL | CVE-2025-11201 | MLflow Tracking Server Model Creation Directory... | 9.8 | 9.1% | mlflow | Oct 29 |
| CRITICAL | CVE-2025-11200 | MLflow Weak Password Requirements Authentication... | 9.8 | 0.2% | mlflow | Oct 29 |
| MEDIUM | CVE-2025-12058 | The Keras.Model.load_model method, including when... | | 0.1% | keras | Oct 29 |
| HIGH | CVE-2025-8709 | A SQL injection vulnerability exists in the... | 7.3 | 0.0% | | Oct 26 |
| MEDIUM | CVE-2025-11844 | Hugging Face Smolagents version 1.20.0 contains... | 5.4 | 0.0% | smolagents | Oct 22 |
| MEDIUM | CVE-2025-60511 | Moodle OpenAI Chat Block plugin 3.0.1... | 4.3 | | | Oct 21 |
| CRITICAL | CVE-2025-49655 | Deserialization of untrusted data can occur in... | 9.8 | 0.0% | keras | Oct 17 |
| HIGH | CVE-2025-7707 | llama-index has Insecure Temporary File | 7.1 | 0.0% | llama-index | Oct 13 |
| CRITICAL | GHSA-m9mp-6x32-5rhg | scio is vulnerable to Remote Command Execution... | | | | Oct 9 |
| MEDIUM | CVE-2025-61620 | vLLM: Resource-Exhaustion (DoS) through Malicious... | 6.5 | | vllm | Oct 7 |
| HIGH | CVE-2025-6242 | A Server-Side Request Forgery (SSRF)... | 7.1 | 0.0% | vllm | Oct 7 |
| HIGH | CVE-2025-61784 | LLaMA-Factory is a tuning library for large... | 8.1 | 0.1% | llamafactory | Oct 7 |
| HIGH | CVE-2025-59425 | vLLM is an inference and serving engine for large... | 7.5 | 0.4% | vllm | Oct 7 |
| HIGH | CVE-2025-6985 | The HTMLSectionSplitter class in... | 7.5 | 0.2% | | Oct 6 |
| MEDIUM | CVE-2025-8917 | clearml is vulnerable to Path Traversal through... | 5.8 | 0.0% | clearml | Oct 5 |
| HIGH | CVE-2025-7647 | llama-index-core insecurely handles temporary... | 7.3 | 0.0% | llama-index-core | Sep 27 |
| LOW | CVE-2025-59842 | JupyterLab LaTeX typesetter links did not enforce... | | 0.0% | | Sep 26 |
| HIGH | CVE-2025-55560 | An issue in pytorch v2.7.0 can lead to a Denial... | 7.5 | | pytorch | Sep 25 |
| HIGH | CVE-2025-55559 | An issue was discovered TensorFlow v2.18.0. A... | 7.5 | | tensorflow | Sep 25 |
| HIGH | CVE-2025-55558 | A buffer overflow occurs in pytorch v2.7.0 when a... | 7.5 | | pytorch | Sep 25 |
| HIGH | CVE-2025-55557 | A Name Error occurs in pytorch v2.7.0 when a... | 7.5 | | pytorch | Sep 25 |
| MEDIUM | CVE-2025-55556 | TensorFlow v2.18.0 was discovered to output... | 6.5 | | tensorflow | Sep 25 |
| MEDIUM | CVE-2025-55554 | pytorch v2.8.0 was discovered to contain an... | 5.3 | | pytorch | Sep 25 |
| HIGH | CVE-2025-55553 | A syntax error in the component proxy_tensor.py... | 7.5 | | pytorch | Sep 25 |
| HIGH | CVE-2025-55552 | pytorch v2.8.0 was discovered to display... | 7.5 | | pytorch | Sep 25 |
| HIGH | CVE-2025-55551 | An issue in the component torch.linalg.lu of... | 7.5 | | pytorch | Sep 25 |
| MEDIUM | CVE-2025-46153 | PyTorch before 3.7.0 has a bernoulli_p decompose... | 5.3 | | pytorch | Sep 25 |
| MEDIUM | CVE-2025-46152 | In PyTorch before 2.7.0, bitwise_right_shift... | 5.3 | | pytorch | Sep 25 |
| MEDIUM | CVE-2025-46150 | In PyTorch before 2.7.0, when torch.compile is... | 5.3 | | pytorch | Sep 25 |
| MEDIUM | CVE-2025-46149 | In PyTorch before 2.7.0, when inductor is used,... | 5.3 | | pytorch | Sep 25 |
| MEDIUM | CVE-2025-46148 | In PyTorch through 2.6.0, when eager is used,... | 5.3 | | pytorch | Sep 25 |
| HIGH | CVE-2025-6921 | The huggingface/transformers library, versions... | 7.5 | 0.0% | transformers | Sep 23 |
| UNKNOWN | CVE-2025-59532 | Codex CLI is a coding agent from OpenAI that runs... | | | | Sep 22 |
| CRITICAL | CVE-2025-59434 | Flowise is a drag & drop user interface to build... | 9.6 | | | Sep 22 |
| HIGH | CVE-2025-9906 | The Keras Model.load_model method can be... | 7.3 | 0.1% | keras | Sep 19 |
| HIGH | CVE-2025-9905 | The Keras Model.load_model method can be... | 7.3 | 0.0% | keras | Sep 19 |
| HIGH | CVE-2025-10155 | An Improper Input Validation vulnerability in the... | 7.8 | 0.0% | picklescan | Sep 17 |
| MEDIUM | CVE-2025-58177 | n8n is an open source workflow automation... | 5.4 | | n8n | Sep 15 |
| MEDIUM | CVE-2025-6051 | A Regular Expression Denial of Service (ReDoS)... | 5.3 | 0.0% | transformers | Sep 14 |
| CRITICAL | CVE-2025-9556 | Langchaingo supports the use of jinja2 syntax... | 9.8 | | | Sep 12 |
| HIGH | CVE-2025-6638 | A Regular Expression Denial of Service (ReDoS)... | 7.5 | 0.0% | transformers | Sep 12 |
| HIGH | CVE-2025-10156 | Picklescan: ZIP archive scan bypass is possible... | 7.5 | 0.4% | picklescan | Sep 10 |
| HIGH | CVE-2025-10157 | Picklescan is Vulnerable to Unsafe Globals Check... | 8.3 | 0.1% | picklescan | Sep 10 |

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.