aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

to
Export CSV
6498 items

ASGA: Attention-Based Sparse Global Attack to Video Action Recognition

inforesearchPeer-Reviewed
securityresearch
Sep 26, 2025

This paper presents ASGA, a method for creating adversarial attacks (small, crafted changes meant to trick AI models) on video action recognition systems (AI models that identify what actions people are performing in videos). The key innovation is that attackers can compute perturbations (the malicious changes) just once on important keyframes (selected frames that represent the video's content), then replicate these changes across the entire video, making the attack work even when the model samples frames differently and reducing computational cost.

IEEE Xplore (Security & AI Journals)

An Empirical Study of Federated Learning on IoT–Edge Devices: Resource Allocation and Heterogeneity

inforesearchPeer-Reviewed
research

CVE-2025-55560: An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse

highvulnerability
security
Sep 25, 2025
CVE-2025-55560

PyTorch version 2.7.0 has a vulnerability (CVE-2025-55560) that causes a Denial of Service (DoS, where a system becomes unavailable or unresponsive) when a model uses specific sparse tensor functions (torch.Tensor.to_sparse() and torch.Tensor.to_dense()) and is compiled by Inductor (PyTorch's code compilation tool). This issue stems from uncontrolled resource consumption, meaning the system uses up too many computing resources.

CVE-2025-55559: An issue was discovered TensorFlow v2.18.0. A Denial of Service (DoS) occurs when padding is set to 'valid' in tf.keras.

highvulnerability
security
Sep 25, 2025
CVE-2025-55559

CVE-2025-55559 is a vulnerability in TensorFlow v2.18.0 where setting the padding parameter to 'valid' in tf.keras.layers.Conv2D (a layer used in neural networks for image processing) causes a Denial of Service (DoS, where a system becomes unavailable to users). The vulnerability is classified as uncontrolled resource consumption, meaning the system uses up resources like memory or CPU in an uncontrolled way.

CVE-2025-55558: A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshr

highvulnerability
security
Sep 25, 2025
CVE-2025-55558

CVE-2025-55558 is a buffer overflow (a memory safety error where data is written beyond the intended boundaries) in PyTorch version 2.7.0 that occurs when certain neural network operations are combined and compiled using Inductor, a code compiler. This vulnerability causes a Denial of Service attack (making a service unavailable to users), though no CVSS severity score has been assigned yet.

CVE-2025-55557: A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading

highvulnerability
security
Sep 25, 2025
CVE-2025-55557

PyTorch version 2.7.0 has a bug where a name error occurs when a model uses torch.cummin (a function that finds cumulative minimum values) and is compiled by Inductor (PyTorch's compiler for optimizing code). This causes a Denial of Service (DoS, where a system becomes unavailable to users).

CVE-2025-55556: TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in t

mediumvulnerability
security
Sep 25, 2025
CVE-2025-55556

TensorFlow v2.18.0 has a bug where the Embedding function (a neural network layer that converts words or items into numerical representations) produces random results when compiled, causing applications to behave unexpectedly. The issue is tracked as CVE-2025-55556 and has a severity rating that is still being assessed.

CVE-2025-55554: pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long().

mediumvulnerability
security
Sep 25, 2025
CVE-2025-55554

PyTorch version 2.8.0 contains an integer overflow vulnerability (a bug where a number gets too large for its storage space and wraps around to an incorrect value) in the torch.nan_to_num function when using the .long() method. The vulnerability is tracked as CVE-2025-55554, though a detailed severity rating has not yet been assigned by NIST.

CVE-2025-55553: A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS).

highvulnerability
security
Sep 25, 2025
CVE-2025-55553

CVE-2025-55553 is a syntax error in the proxy_tensor.py file of PyTorch version 2.7.0 that allows attackers to cause a Denial of Service (DoS, a type of attack where a system becomes unavailable to legitimate users). The vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 4.0, indicating moderate severity.

CVE-2025-55552: pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are us

highvulnerability
security
Sep 25, 2025
CVE-2025-55552

PyTorch v2.8.0 has a vulnerability (CVE-2025-55552) where two functions, torch.rot90 (which rotates arrays) and torch.randn_like (which generates random numbers matching a given shape), behave unexpectedly when used together, possibly due to integer overflow or wraparound (where numbers wrap around to negative values instead of staying large).

CVE-2025-55551: An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when per

highvulnerability
security
Sep 25, 2025
CVE-2025-55551

A vulnerability (CVE-2025-55551) exists in PyTorch version 2.8.0 in a math component called torch.linalg.lu that allows attackers to cause a Denial of Service (DoS, where a system becomes unavailable to users) by performing a slice operation (extracting a portion of data). The issue involves uncontrolled resource consumption (CWE-400, where a program uses too much memory or processing power without limits).

CVE-2025-46153: PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency wit

mediumvulnerability
security
Sep 25, 2025
CVE-2025-46153

PyTorch versions before 3.7.0 have a bug in the bernoulli_p decompose function (a mathematical operation used in the dropout layers) that doesn't work the same way as the main CPU implementation, causing problems with nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d when fallback_random=True (a setting that uses random number generation as a backup method).

CVE-2025-46152: In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" a

mediumvulnerability
security
Sep 25, 2025
CVE-2025-46152

CVE-2025-46152 is a bug in PyTorch (a machine learning library) versions before 2.7.0 where the bitwise_right_shift function (which moves binary digits to the right) produces wrong answers when given certain out-of-bounds values. This is classified as an out-of-bounds write vulnerability (CWE-787, where a program writes data outside its intended memory area).

CVE-2025-46150: In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results.

mediumvulnerability
security
Sep 25, 2025
CVE-2025-46150

CVE-2025-46150 is a bug in PyTorch (a machine learning framework) versions before 2.7.0 where FractionalMaxPool2d (a function that reduces image dimensions) produces inconsistent results when torch.compile (a performance optimization tool) is used. The issue causes the function to give different outputs under the same conditions, which is problematic for machine learning models that need reproducible, reliable results.

CVE-2025-46149: In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error.

mediumvulnerability
security
Sep 25, 2025
CVE-2025-46149

CVE-2025-46149 is a bug in PyTorch (a machine learning library) versions before 2.7.0 where the nn.Fold function crashes with an assertion error when inductor (PyTorch's code optimization tool) is used. This is classified as a reachable assertion vulnerability, meaning the code reaches a safety check that fails unexpectedly.

CVE-2025-46148: In PyTorch through 2.6.0, when eager is used, nn.PairwiseDistance(p=2) produces incorrect results.

mediumvulnerability
security
Sep 25, 2025
CVE-2025-46148

PyTorch versions up to 2.6.0 have a bug where the nn.PairwiseDistance function (a tool that calculates distances between pairs of data points) produces wrong answers when using the p=2 parameter in eager mode (the default execution method). This is a correctness issue, meaning the calculation gives incorrect numerical results rather than causing a security breach.

Hecate: Threshold Anonymous Credentials With Private Verifiers and Issuer-Hiding

inforesearchPeer-Reviewed
security

Efficient Instruction Vulnerability Prediction With Heterogeneous SDC Propagation Knowledge Graph

inforesearchPeer-Reviewed
research

CVE-2025-59828: Claude Code is an agentic coding tool. Prior to Claude Code version 1.0.39, when using Claude Code with Yarn versions 2.

criticalvulnerability
security
Sep 24, 2025
CVE-2025-59828

Claude Code is a tool that uses AI to help write code, and it had a security flaw in versions before 1.0.39 where Yarn plugins (add-ons for a package manager) would run automatically when checking the version, bypassing Claude Code's trust dialog (a safety check asking users to confirm they trust a directory before working in it). This only affected users with Yarn versions 2.0 and newer, not those using the older Yarn Classic.

Cross-Agent Privilege Escalation: When Agents Free Each Other

highnews
securitysafety
Previous245 / 325Next
Sep 26, 2025

This research studies federated learning (FL, a method where multiple devices collaboratively train an AI model without sending their data to a central server) on real IoT and edge devices (small computing devices like phones and sensors) rather than in simulated environments. The study examines how FL performs in realistic conditions, focusing on heterogeneous scenarios (situations where devices have different computing power, network speeds, and data types), and provides insights to help researchers and practitioners build more practical FL systems.

IEEE Xplore (Security & AI Journals)
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database

Fix: Upgrade PyTorch to version 2.7.0 or later.

NVD/CVE Database

Fix: Upgrade to PyTorch version 2.7.0 or later.

NVD/CVE Database

Fix: Upgrade to PyTorch version 2.7.0 or later.

NVD/CVE Database
NVD/CVE Database
Sep 25, 2025

Hecate is a framework for anonymous credentials (a system allowing users to prove they have certain attributes without revealing their identity) that adds protection for verifiers, the entities checking credentials, while maintaining threshold issuance (requiring multiple parties to approve a credential) and issuer-hiding (hiding which organization issued the credential). The system uses a dual-credential design to let both verifiers and users set policies about who can access information, and testing shows it can verify credentials quickly, in about 37-60 milliseconds.

IEEE Xplore (Security & AI Journals)
Sep 25, 2025

Silent Data Corruption (SDC, where a computer system produces wrong outputs without alerting anyone) is a growing problem in modern chip designs, but current detection methods are inefficient or inaccurate. Researchers proposed VP-HPKG, a new approach that uses a knowledge graph (a map of how instructions relate to each other) combined with neural network techniques to predict which instructions are vulnerable to SDC and detect error propagation paths more efficiently than existing methods.

IEEE Xplore (Security & AI Journals)

Fix: Update Claude Code to version 1.0.39 or later. Users with auto-update enabled will have received the fix automatically. Users updating manually should update to the latest version.

NVD/CVE Database
Sep 24, 2025

Multiple AI coding agents (like GitHub Copilot and Claude Code) can write to each other's configuration files, allowing one compromised agent to modify another agent's settings through an indirect prompt injection (tricking an AI by hiding malicious instructions in its input). This creates a cross-agent privilege escalation, where one agent can 'free' another by giving it additional capabilities to break out of its sandbox (an isolated environment limiting what software can do) and execute arbitrary code.

Embrace The Red