Tag
#cve
4 posts tagged cve.
- ML Security
TensorFlow Security Vulnerabilities in 2026: CVEs, Keras Deserialization, and Supply Chain Risk
A practitioner breakdown of the top TensorFlow security vulnerabilities in 2026: CVE-2025-49655 (CVSS 9.8), CVE-2025-12058 (SSRF/file access), DoS flaws in 2.18.0, and CI/CD supply chain compromise.
- Vulnerability Disclosure
LangChain Security Vulnerabilities 2026: CVEs, Attack Chains, and What to Patch
Four verified CVEs in LangChain and LangGraph expose API secrets, filesystem files, and conversation history. CVSS scores, attack paths, and patch
- defense
How to Triage an ML-Stack CVE: A Practical Workflow
A repeatable workflow for taking an ML-library CVE from 'a scanner flagged it' to a defensible decision — without panic-patching everything or trusting
- defense
Reading an ML Library CVE: What to Extract Beyond the CVSS Score
ML library CVEs are usually scored against a generic threat model that doesn't match how the library is used in production AI systems.