AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,140 AI/ML CVEs tracked
171 critical
228 new this week
2 in CISA KEV

Weekly CISO Take + top threats

Get the week's most critical AI security threats delivered every Monday. Free, no spam.

Latest AI Security Threats

Showing 50 of 1140 results
| Severity | CVE ID | Summary | CVSS | EPSS | Package | Date |
|---|---|---|---|---|---|---|
| Medium | CVE-2025-48944 | vLLM is an inference and serving engine for large... | 6.5 | 0.1% | vllm | May 30 |
| Medium | CVE-2025-48943 | vLLM is an inference and serving engine for large... | 6.5 | 0.1% | vllm | May 30 |
| Medium | CVE-2025-48942 | vLLM is an inference and serving engine for large... | 6.5 | 0.1% | vllm | May 30 |
| Medium | CVE-2025-48887 | vLLM, an inference and serving engine for large... | 6.5 | 0.1% | vllm | May 30 |
| High | CVE-2025-48889 | Gradio is an open-source Python package that... | 7.5 | 0.9% | gradio | May 30 |
| High | CVE-2025-46722 | vLLM is an inference and serving engine for large... | 7.3 | 0.1% | vllm | May 29 |
| Low | CVE-2025-46570 | vLLM is an inference and serving engine for large... | 2.6 | 0.1% | vllm | May 29 |
| Low | CVE-2025-5320 | A vulnerability classified as problematic has... | 3.7 | 0.0% | gradio | May 29 |
| Medium | GHSA-j828-28rj-hfhp | vLLM vulnerable to Regular Expression Denial of... | 4.3 | | vllm | May 28 |
| High | CVE-2025-5173 | A vulnerability has been found in HumanSignal... | 7.8 | 0.1% | | May 26 |
| Critical | CVE-2025-47277 | vLLM, an inference and serving engine for large... | 9.8 | 0.9% | vllm | May 20 |
| High | CVE-2025-2099 | A vulnerability in the `preprocess_string()`... | 7.5 | 0.1% | transformers | May 19 |
| Unknown | CVE-2025-1975 | A vulnerability in the Ollama server version... | | | ollama | May 16 |
| High | CVE-2025-47783 | label-studio vulnerable to Cross-Site Scripting... | | 0.2% | label-studio | May 15 |
| High | CVE-2025-1752 | LlamaIndex Vulnerable to Denial of Service (DoS) | 7.5 | 0.2% | llama-index | May 10 |
| High | CVE-2025-0649 | Incorrect JSON input stringification in Google's... | 7.5 | | tensorflow_serving | May 6 |
| High | CVE-2025-30165 | vLLM is an inference and serving engine for large... | 8.0 | 1.3% | vllm | May 6 |
| Low | CVE-2025-4287 | A vulnerability was found in PyTorch 2.6.0+cu124.... | 3.3 | | | May 5 |
| Critical | CVE-2025-47241 | Browser Use allows bypassing `allowed_domains` by... | 9.3 | 0.2% | browser-use | May 5 |
| High | CVE-2025-46567 | LLama Factory enables fine-tuning of large... | 7.8 | 0.2% | llamafactory | May 1 |
| High | CVE-2025-46560 | vLLM is a high-throughput and memory-efficient... | 7.5 | 0.6% | vllm | Apr 30 |
| Critical | CVE-2025-32444 | vLLM is a high-throughput and memory-efficient... | 9.8 | 2.5% | vllm | Apr 30 |
| High | CVE-2025-30202 | vLLM is a high-throughput and memory-efficient... | 7.5 | 0.4% | vllm | Apr 30 |
| Medium | CVE-2025-1194 | A Regular Expression Denial of Service (ReDoS)... | 6.5 | 0.1% | transformers | Apr 29 |
| Medium | CVE-2025-46343 | n8n is a workflow automation platform. Prior to... | 5.4 | | n8n | Apr 29 |
| Critical | GHSA-ggpf-24jw-3fcw | CVE-2025-24357 Malicious model remote code... | 9.8 | | vllm | Apr 23 |
| Critical | CVE-2025-32434 | PyTorch is a Python package that provides tensor... | 9.8 | 1.2% | pytorch | Apr 18 |
| Medium | CVE-2025-3730 | A vulnerability, which was classified as... | 5.5 | 0.1% | pytorch | Apr 16 |
| Medium | GHSA-hf3c-wxg2-49q9 | vLLM vulnerable to Denial of Service by abusing... | 6.5 | | vllm | Apr 15 |
| Critical | CVE-2025-32428 | TigerVNC accessible via the network and not just... | | 0.2% | | Apr 12 |
| Critical | CVE-2025-32375 | BentoML is a Python library for building online... | 9.8 | 67.3% | bentoml | Apr 9 |
| Medium | CVE-2025-32381 | xgrammar Vulnerable to Denial of Service (DoS) by... | 6.5 | 0.3% | xgrammar | Apr 9 |
| Medium | GHSA-v7x6-rv5q-mhwc | Picklescan missing detection when calling... | | | picklescan | Apr 7 |
| Medium | GHSA-fj43-3qmq-673f | Picklescan failed to detect to some unsafe global... | | | picklescan | Apr 7 |
| High | CVE-2025-46417 | Picklescan Vulnerable to Exfiltration via DNS via... | | 0.2% | picklescan | Apr 7 |
| Critical | CVE-2025-3248 | Langflow versions prior to 1.3.0 are susceptible... | 9.8 | 92.5% | langflow | Apr 7 |
| Critical | CVE-2025-27520 | BentoML is a Python library for building online... | 9.8 | 87.3% | bentoml | Apr 4 |
| High | CVE-2025-30370 | jupyterlab-git has a command injection... | 7.4 | 0.1% | | Apr 4 |
| Low | CVE-2025-3136 | A vulnerability, which was classified as... | 3.3 | | pytorch | Apr 3 |
| Medium | CVE-2025-3121 | A vulnerability classified as problematic has... | 5.5 | | pytorch | Apr 2 |
| Medium | CVE-2025-31843 | Missing Authorization vulnerability in Wilson... | 4.3 | | | Apr 1 |
| Medium | CVE-2025-3001 | A vulnerability classified as critical was found... | 5.3 | | pytorch | Mar 31 |
| Medium | CVE-2025-3000 | A vulnerability classified as critical has been... | 5.3 | | pytorch | Mar 31 |
| Medium | CVE-2025-2999 | A vulnerability was found in PyTorch 2.6.0. It... | 5.3 | | pytorch | Mar 31 |
| Medium | CVE-2025-2998 | A vulnerability was found in PyTorch 2.6.0. It... | 5.3 | | pytorch | Mar 31 |
| Medium | CVE-2025-2953 | A vulnerability, which was classified as... | 5.5 | 0.2% | pytorch | Mar 30 |
| High | CVE-2025-30358 | Mesop is a Python-based UI framework that allows... | 8.1 | 3.1% | | Mar 27 |
| Critical | CVE-2024-12029 | InvokeAI Deserialization of Untrusted Data... | 9.8 | 49.1% | | Mar 21 |
| High | CVE-2025-0628 | LiteLLM Has an Improper Authorization... | 8.1 | 0.1% | litellm | Mar 20 |
| High | CVE-2025-0330 | LiteLLM Has a Leakage of Langfuse API Keys | 7.5 | 0.1% | litellm | Mar 20 |

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial