Lucene search
+L

625 matches found

euvd
euvd
added 2026/05/12 6:30 p.m.13 views

EUVD-2026-29553

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustnessevaluationfgsmpytorch.py. The script uses the unsafe eval function to parse string values provided via the --clipvalues and --inputshape command-line...

6.3AI score0.00554EPSS
Exploits0References3
euvd
euvd
added 2026/05/12 6:30 p.m.13 views

EUVD-2026-29552

The Adversarial Robustness Toolbox ART thru 1.20.1 contains an insecure deserialization vulnerability CWE-502 in its Kubeflow component's model loading functionality. When loading model weights from a file e.g., model.pt during robustness evaluation, the code uses torch.load without the...

6.3AI score0.006EPSS
Exploits0References3
nvd
nvd
added 2026/05/12 6:16 p.m.16 views

CVE-2026-31230

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustnessevaluationfgsmpytorch.py. The script uses the unsafe eval function to parse string values provided via the --clipvalues and --inputshape command-line...

9.8CVSS0.00554EPSS
Exploits0References5
nvd
nvd
added 2026/05/12 4:16 p.m.17 views

CVE-2026-31228

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...

9.8CVSS0.0061EPSS
Exploits0References5
cvelist
cvelist
added 2026/05/12 12:0 a.m.39 views

CVE-2026-31229

The Adversarial Robustness Toolbox ART thru 1.20.1 contains an insecure deserialization vulnerability CWE-502 in its Kubeflow component's model loading functionality. When loading model weights from a file e.g., model.pt during robustness evaluation, the code uses torch.load without the...

0.006EPSS
Exploits0References2
cve
cve
added 2026/05/12 12:0 a.m.27 views

CVE-2026-31230

The CVE-2026-31230 vulnerability concerns the Adversarial Robustness Toolbox (ART) up to v1.20.1, specifically in its Kubeflow component (robustness_evaluation_fgsm_pytorch.py). The issue arises from using unsafe eval() to parse string values passed via --clip_values and --input_shape, enabling a...

9.8CVSS6.3AI score0.00554EPSS
Exploits0References5
packetstormnews
packetstormnews
added 2026/05/12 12:0 a.m.12 views

SkillSafetyBench: Evaluating Agent Safety under Skill-Facing Attack Surfaces

Reusable skills are becoming a common interface for extending large language model agents, packaging procedural guidance with access to files, tools, memory, and execution environments. However, this modularity introduces attack surfaces that are largely missed by existing safety evaluations: eve...

5.9AI score
Exploits0
ptsecurity
ptsecurity
added 2026/05/12 12:0 a.m.11 views

PT-2026-40116

The Adversarial Robustness Toolbox ART thru 1.20.1 contains an insecure deserialization vulnerability CWE-502 in its Kubeflow component's model loading functionality. When loading model weights from a file e.g., model.pt during robustness evaluation, the code uses torch.load without the...

6.3AI score0.006EPSS
Exploits0References3
cve
cve
added 2026/05/12 12:0 a.m.20 views

CVE-2026-31229

The ART (Adversarial Robustness Toolbox) package up to v1.20.1 contains an insecure deserialization vulnerability in its Kubeflow component’s model loading path. Loading model weights (e.g., model.pt) uses torch.load() without weights_only=True, allowing arbitrary Python object deserialization vi...

9.8CVSS6.3AI score0.006EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/12 12:0 a.m.8 views

CVE-2026-31228

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...

6.5AI score0.0061EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/12 12:0 a.m.10 views

Adversarial Robustness Toolbox 安全漏洞

Adversarial Robustness Toolbox is an open-source machine learning security defense and evaluation tool developed by Trusted-AI. Versions of Adversarial Robustness Toolbox 1.20.1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the robustnessevaluationfgsmpytorch....

9.8CVSS6.1AI score0.00554EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/12 12:0 a.m.9 views

Adversarial Robustness Toolbox 安全漏洞

Adversarial Robustness Toolbox is an open-source machine learning security defense and evaluation tool developed by Trusted-AI. Versions of Adversarial Robustness Toolbox 1.20.1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the model loading function in the...

9.8CVSS6.2AI score0.006EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/12 12:0 a.m.11 views

Adversarial Robustness Toolbox 安全漏洞

Adversarial Robustness Toolbox is an open-source machine learning security defense and evaluation tool developed by Trusted-AI. Versions of Adversarial Robustness Toolbox 1.20.1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the robustness evaluation function i...

9.8CVSS5.9AI score0.0061EPSS
Exploits0References1
cve
cve
added 2026/05/12 12:0 a.m.30 views

CVE-2026-31228

The connected documents confirm a vulnerability in the Adversarial Robustness Toolbox (ART) up to version 1.20.1, specifically in its Kubeflow component. The root cause is that the robustness evaluation function for PyTorch models uses Python’s unsafe eval() to dynamically evaluate user-supplied ...

9.8CVSS6.5AI score0.0061EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/05/12 12:0 a.m.14 views

JunoClaw 操作系统命令注入漏洞

JunoClaw is a decentralized AI proxy platform developed by Dragonmonk111. Versions prior to JunoClaw 0.x.y-security-1 contained an operating system command injection vulnerability. This vulnerability stemmed from a substring blacklist in the plugin-shell command security check, which could be...

8.4CVSS5.8AI score0.00171EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/12 12:0 a.m.13 views

PT-2026-40117

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustness evaluation fgsm pytorch.py. The script uses the unsafe eval function to parse string values provided via the --clip values and --input shape command-lin...

6.3AI score0.00554EPSS
Exploits0References3
packetstormnews
packetstormnews
added 2026/05/12 12:0 a.m.20 views

Still Camouflage, Moving Illusion: View-Induced Trajectory Manipulation in Autonomous Driving

Existing physical adversarial attacks on vision-based autonomous driving induce time-evolving perception errors, including biased object tracking or trajectory prediction, through i sophisticated physical patch inducing detection box drift when entering the view distance, or ii dynamically changi...

5.7AI score
Exploits0
cvelist
cvelist
added 2026/05/12 12:0 a.m.38 views

CVE-2026-31230

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustnessevaluationfgsmpytorch.py. The script uses the unsafe eval function to parse string values provided via the --clipvalues and --inputshape command-line...

0.00554EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/12 12:0 a.m.40 views

CVE-2026-31228

The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...

0.0061EPSS
Exploits0References2
packetstormnews
packetstormnews
added 2026/05/11 12:0 a.m.11 views

When Prompts Become Payloads: A Framework for Mitigating SQL Injection Attacks in Large Language Model-Driven Applications

Natural language interfaces to structured databases are becoming increasingly common, largely due to advances in large language models LLMs that enable users to query data using conversational input rather than formal query languages such as SQL. While this paradigm significantly improves usabili...

5.9AI score
Exploits0
Rows per page
Query Builder