3 matches found
PYSEC-2026-2220
A vulnerability in MLflow versions =3.10.1.dev0 allows unauthorized access to multipart upload MPU endpoints when the --serve-artifacts mode is enabled. The authorization logic does not enforce resource-level permission checks for /mlflow-artifacts/mpu/ endpoints, enabling attackers to overwrite...
Lifecycle-Integrated Security for AI-Cloud Convergence in Cyber-Physical Infrastructure
The convergence of Artificial Intelligence AI inference pipelines with cloud infrastructure creates a dual attack surface where cloud security standards and AI governance frameworks intersect without unified enforcement mechanisms. AI governance, cloud security, and industrial control system...
LLM Scalability Risk for Agentic-AI and Model Supply Chain Security
Large Language Models LLMs & Generative AI are transforming cybersecurity, enabling both advanced defenses and new attacks. Organizations now use LLMs for threat detection, code review, and DevSecOps automation, while adversaries leverage them to produce malwares and run targeted social-engineeri...