aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

to
Export CSV
6449 items

GRACE-FL: Green Resource-Aware Communication-Efficient Federated Learning

inforesearchPeer-Reviewed
research
Nov 25, 2025

GRACE-FL is a framework for federated learning (collaborative training where multiple devices learn together while keeping their data private) that reduces energy use and communication costs on resource-limited devices like smartphones or IoT sensors. The system adjusts each device's training settings based on how much battery or power it has available, so devices with more energy can do harder computational work while weaker devices do lighter work, and a special aggregation strategy (method for combining results) weights each device's contribution fairly based on its energy capacity.

IEEE Xplore (Security & AI Journals)

A Simple Unified Uncertainty-Guided Framework for Offline-to-Online Reinforcement Learning

inforesearchPeer-Reviewed
research

Deep Model Fusion: A Survey

inforesearchPeer-Reviewed
research

CVE-2025-13380: The AI Engine for WordPress: ChatGPT, GPT Content Generator plugin for WordPress is vulnerable to Arbitrary File Read in

mediumvulnerability
security
Nov 25, 2025
CVE-2025-13380

A WordPress plugin called 'The AI Engine for WordPress: ChatGPT, GPT Content Generator' has a vulnerability that allows attackers with Contributor-level access or higher to read any file on the server. The problem exists because the plugin doesn't properly check file paths that users provide to certain functions (the 'lqdai_update_post' AJAX endpoint and the insert_image() function), which could expose sensitive information.

Antigravity Grounded! Security Vulnerabilities in Google's Latest IDE

highnews
security
Nov 25, 2025

Google's new Antigravity IDE inherits multiple security vulnerabilities from the Windsurf codebase it was licensed from, including remote command execution (RCE, where an attacker can run commands on a system they don't own) via indirect prompt injection (tricking an AI by hiding instructions in its input), hidden instruction execution, and data exfiltration. The IDE's default setting allows the AI to automatically execute terminal commands without human review, relying on the language model's judgment to determine if a command is safe, which researchers have successfully bypassed with working exploits.

Adversarial Training in Low-Label Regimes With Margin-Based Interpolation

inforesearchPeer-Reviewed
research

Investigating the Robustness of Fuzzy Deep Learning on Noisy Medical Images

inforesearchPeer-Reviewed
research

Visual Safety Mapping for UAV Landings Using Ordinal Regression Networks

inforesearchPeer-Reviewed
research

CVE-2025-65106: LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1

highvulnerability
security
Nov 21, 2025
CVE-2025-65106

LangChain, a framework for building AI agents and applications powered by large language models, has a template injection vulnerability (a security flaw where attackers can hide malicious code in text templates) in versions 0.3.79 and earlier and 1.0.0 through 1.0.6. Attackers can exploit this by crafting malicious template strings that access internal Python object data in ChatPromptTemplate and similar classes, particularly when an application accepts untrusted template input.

CVE-2025-65946: Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Prior to version 3.26.7, Due to an error

highvulnerability
security
Nov 21, 2025
CVE-2025-65946

Roo Code is an AI-powered coding agent that runs inside code editors. Before version 3.26.7, a validation error allowed Roo to automatically execute commands that weren't on an allow list (a list of approved commands), which is a type of command injection vulnerability (where attackers trick a system into running unintended commands).

CVE-2025-65107: Langfuse is an open source large language model engineering platform. In versions from 2.95.0 to before 2.95.12 and from

mediumvulnerability
security
Nov 21, 2025
CVE-2025-65107

Langfuse, an open source platform for managing large language models, has a vulnerability in versions 2.95.0–2.95.11 and 3.17.0–3.130.x where attackers could take over user accounts if certain security settings are not configured. The attack works by tricking an authenticated user into clicking a malicious link (via CSRF, which is cross-site request forgery where an attacker tricks your browser into making unwanted requests, or phishing).

CVE-2025-12973: The S2B AI Assistant – ChatBot, ChatGPT, OpenAI, Content & Image Generator plugin for WordPress is vulnerable to arbitra

highvulnerability
security
Nov 21, 2025
CVE-2025-12973

The S2B AI Assistant WordPress plugin (a tool that adds AI chatbot features to websites) has a vulnerability in versions up to 1.7.8 where it fails to check what type of files users are uploading. This allows editors and higher-level users to upload malicious files that could potentially let attackers run commands on the website server (remote code execution, or RCE).

CVE-2025-62609: MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a segmentation fault

highvulnerability
security
Nov 21, 2025
CVE-2025-62609

MLX is an array framework for machine learning on Apple silicon that has a vulnerability where loading malicious GGUF files (a machine learning model format) causes a segmentation fault (a crash where the program tries to access invalid memory). The problem occurs because the code dereferences an untrusted pointer (uses a memory address without checking if it's valid) from an external library without validation.

CVE-2025-62608: MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflo

criticalvulnerability
security
Nov 21, 2025
CVE-2025-62608

MLX is an array framework (a software library for handling arrays of data in machine learning) for Apple silicon computers. Before version 0.29.4, the software had a heap buffer overflow (a memory safety bug where the program reads beyond allocated memory) in its file-loading function when processing malicious NumPy .npy files (a common data format in machine learning), which could crash the program or leak sensitive information.

Convex Solutions to SfT and NRSfM Under Algebraic Deformation Models

inforesearchPeer-Reviewed
research

Human-Inspired Scene Understanding: A Grounded Cognition Method for Unbiased Scene Graph Generation

inforesearchPeer-Reviewed
research

Rethinking Rotation-Invariant Recognition of Fine-Grained Shapes From the Perspective of Contour Points

inforesearchPeer-Reviewed
research

CVE-2025-62426: vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, the /v1/c

mediumvulnerability
security
Nov 21, 2025
CVE-2025-62426

vLLM is a tool that runs large language models and serves them to users. In versions 0.5.5 through 0.11.0, two API endpoints accept a parameter called chat_template_kwargs that isn't properly checked before being used, allowing attackers to send specially crafted requests that freeze the server and prevent other users' requests from being processed.

CVE-2025-62372: vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, users can

mediumvulnerability
security
Nov 21, 2025
CVE-2025-62372

vLLM (an inference and serving engine for large language models) versions 0.5.5 through 0.11.0 have a vulnerability where users can crash the engine by sending multimodal embedding inputs (data that combines multiple types of information, like images and text) with incorrect shape parameters, even if the model doesn't support such inputs. This bug has a CVSS score of 8.3 (a 0-10 scale measuring vulnerability severity), indicating it's a high-severity issue.

CVE-2025-62164: vLLM is an inference and serving engine for large language models (LLMs). From versions 0.10.2 to before 0.11.1, a memor

highvulnerability
security
Nov 21, 2025
CVE-2025-62164

vLLM versions 0.10.2 through 0.11.0 have a vulnerability in how they process user-supplied prompt embeddings (numerical representations of text). An attacker can craft malicious data that bypasses safety checks and causes memory corruption (writing data to the wrong location in computer memory), which can crash the system or potentially allow remote code execution (RCE, where an attacker runs commands on the server).

Previous234 / 323Next
Nov 25, 2025

This paper presents SUNG, a framework for offline-to-online reinforcement learning (RL), which is training an AI agent first on existing data and then improving it through live interactions. The framework addresses two main problems: limited exploration due to offline data constraints and distribution shift (when the agent encounters data patterns it wasn't trained on). SUNG uses uncertainty estimation via a VAE (variational autoencoder, a type of neural network that learns data patterns) to guide both exploration (trying new actions) and exploitation (using known good actions), achieving strong performance on standard benchmarks.

IEEE Xplore (Security & AI Journals)
Nov 25, 2025

Deep model fusion is a technique that combines parameters or predictions from multiple deep learning models into one unified system to improve performance by reducing individual model biases and errors. The survey categorizes four main fusion approaches: weight average (averaging model parameters), mode connectivity (connecting models through optimized paths), alignment (matching corresponding units between models), and ensemble learning (combining model outputs during inference). However, applying this technique to large-scale models like LLMs (large language models, which are AI systems trained on massive amounts of text) faces challenges including high computational cost and interference between different types of models.

IEEE Xplore (Security & AI Journals)
NVD/CVE Database
Embrace The Red
safety
Nov 24, 2025

Deep neural networks can be fooled by adversarial attacks (small, carefully crafted changes to input data that cause incorrect predictions), but training them to resist these attacks usually requires large amounts of labeled data. This paper proposes margin-based interpolation, a technique that adjusts how strongly to attack training data based on each example's difficulty and reliability, and uses global epsilon scheduling (gradually increasing perturbation strength during training) to help models become robust while maintaining accuracy, even with limited labeled data.

IEEE Xplore (Security & AI Journals)
safety
Nov 24, 2025

This research studies how deep neuro-fuzzy systems (DNFS, a type of AI that combines deep learning with fuzzy logic, which handles uncertain or imprecise information) perform on medical images that contain noise (unwanted degradation that makes images unclear). The researchers tested the DNFS on seven different medical imaging datasets with six types of noise and adversarial attacks (deliberate perturbations designed to fool AI models), and found that the DNFS maintained better accuracy on noisy images compared to other state-of-the-art models, though both approaches remained vulnerable to adversarial attacks.

IEEE Xplore (Security & AI Journals)
Nov 24, 2025

Researchers developed OR-SLZNet, a deep learning model that helps drones automatically identify safe landing zones by analyzing camera images in real time. The model assigns each pixel a safety score by combining visual features like color and texture with geometric information like flatness and slope, enabling drones to make quick landing decisions in emergencies or autonomous missions.

IEEE Xplore (Security & AI Journals)

Fix: Update to LangChain version 0.3.80 or 1.0.7, where the vulnerability has been patched.

NVD/CVE Database

Fix: Update to version 3.26.7 or later. According to the source, 'This issue has been patched in version 3.26.7.'

NVD/CVE Database

Fix: Update to Langfuse version 2.95.12 or 3.131.0, where the issue has been patched. Alternatively, as a workaround, set the AUTH_<PROVIDER>_CHECK configuration parameter.

NVD/CVE Database
NVD/CVE Database

Fix: This issue has been patched in version 0.29.4. Users should update MLX to version 0.29.4 or later.

NVD/CVE Database

Fix: Update MLX to version 0.29.4 or later. The vulnerability has been patched in this version.

NVD/CVE Database
Nov 21, 2025

This paper presents mathematical approaches to solve Shape-from-Template (SfT, reconstructing a 3D object's shape from a single image using a known template) and Non-Rigid Structure-from-Motion (NRSfM, figuring out how a flexible object moves and its 3D structure from video). The researchers use Semi-Definite Programming (SDP, a mathematical optimization technique for solving certain types of problems) to find solutions that work with different types of object deformation models, requiring only point correspondences (matching points between images) rather than additional impractical assumptions.

IEEE Xplore (Security & AI Journals)
Nov 21, 2025

Scene Graph Generation (SGG, a method that identifies objects and their relationships in images) is limited by long-tailed bias, where the AI model performs well on common relationships but poorly on rare ones. This paper proposes a Grounded Cognition Method (GCM) that mimics human thinking by using techniques like Out Domain Knowledge Injection to broaden visual understanding, a Semantic Group Aware Synthesizer to organize relationship categories, modality erasure (removing one type of input at a time) to improve robustness, and a Shapley Enhanced Multimodal Counterfactual module to handle diverse contexts.

IEEE Xplore (Security & AI Journals)
Nov 21, 2025

This research addresses the problem of recognizing shapes that have been rotated at different angles in computer vision (the field of teaching computers to understand images). The authors propose a new method that focuses on analyzing the outline or contour points of shapes rather than individual pixels, and they use a special neural network module to identify geometric patterns in these contours while ignoring rotation. Their approach shows better results than previous methods, especially for complex shapes, and it works even when the contour data is slightly noisy or imperfect.

IEEE Xplore (Security & AI Journals)

Fix: Update to vLLM version 0.11.1 or later, where this issue has been patched.

NVD/CVE Database

Fix: This issue has been patched in version 0.11.1. Users should upgrade to vLLM version 0.11.1 or later.

NVD/CVE Database

Fix: Update to vLLM version 0.11.1 or later. The source states: 'This issue has been patched in version 0.11.1.'

NVD/CVE Database