EUVD-2026-29511

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...

CVE-2026-31228

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...

PT-2026-40066

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...

CVE-2026-31228

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...

Adversarial Robustness Toolbox 安全漏洞

Adversarial Robustness Toolbox is an open-source machine learning security defense and evaluation tool developed by Trusted-AI. Versions of Adversarial Robustness Toolbox 1.20.1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the robustness evaluation function i...

Lightweight Cluster-Based Federated Learning for Intrusion Detection in Heterogeneous IoT Networks

The rise of heterogeneous Internet of Things IoT devices has raised security concerns due to their vulnerability to cyberattacks. Intrusion Detection Systems IDS are crucial in addressing these threats. Federated Learning FL offers a privacy-preserving solution, but IoT heterogeneity and limited...

BitHydra: Towards Bit-Flip Inference Cost Attack against Large Language Models

Large language models LLMs have shown impressive capabilities across a wide range of applications, but their ever-increasing size and resource demands make them vulnerable to inference cost attacks, where attackers induce victim LLMs to generate the longest possible output content. In this paper,...

PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service

...

PT-2025-16902 · Pytorch +1 · Pytorch +1

Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0 Description: A problematic issue was found in the torch.nn.functional.ctc loss function, located in the file aten/src/ATen/native/LossCTC.cpp. This issue leads to denial of service and can be exploited locally...

Training Transformers for Cyber Security Tasks: A Case Study on Malicious URL Prediction

Highlights Perform a case study on using Transformer models to solve cyber security problems Train a Transformer model to detect malicious URLs under multiple training regimes Compare our model against other deep learning methods, and show it performs on-par with other top-scoring models Identify...

Machine learning classifiers trained via gradient descent are vulnerable to arbitrary misclassification attack

Overview Machine learning models trained using gradient descent can be forced to make arbitrary misclassifications by an attacker that can influence the items to be classified. The impact of a misclassification varies widely depending on the ML model's purpose and of what systems it is a part...