ML CVEs
Vulnerability tracking · rev. 2026.06

The CVEs in your ML stack.

A focused tracker for CVEs in ML and AI infrastructure. PyTorch, TensorFlow, ONNX, vLLM, llama.cpp, transformers, langchain, LlamaIndex, model registries, and the broader AI/ML supply chain — dated, sourced to NVD or vendor advisory.


Latest entries

Index: 10 entries

TensorFlow Security Vulnerabilities in 2026: CVEs, Keras Deserialization, and Supply Chain Risk

ML Security

Best AI Supply Chain Security Tools in 2026

AI Security

LangChain Security Vulnerabilities 2026: CVEs, Attack Chains, and What to Patch

Vulnerability Dis…

How to Triage an ML-Stack CVE: A Practical Workflow

defense

Hugging Face Transformers & Hub: Supply-Chain Risks and Real Advisories

Vulnerability Tra…

PyTorch Security: Notable CVEs and How to Harden Your Loading Path

Vulnerability Tra…

trust_remote_code and the ML Orchestration CVE Class

Vulnerability Tra…

Unsafe Model Deserialization: The Pickle Problem Behind ML CVEs

Vulnerability Tra…

ML CVE Database Vulnerabilities: What's Tracked and Missing

Vulnerability Tra…

Reading an ML Library CVE: What to Extract Beyond the CVSS Score

defense
Why trust us

Trusted by researchers across the AI security community

ML CVEs is part of a 26-site editorial network covering adversarial ML, AI governance, defensive tooling, and ops engineering — all open access.
