19 matches found
CVE-2026-7213
A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...
CVE-2026-7213 ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal
A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...
EUVD-2026-25966
A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...
CVE-2026-7213
CVE-2026-7213 affects ef10007 MLOps_MCP 1.0.0, specifically the save_file Tool’s fastmcp_server.py. The issue is a path traversal vulnerability triggered by manipulating the filename/destination argument. It can be exploited remotely; public exploit is available. The project was informed via issu...
PT-2026-35586
A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now...
Towards Secure MLOps: Surveying Attacks, Mitigation Strategies, and Research Challenges
The rapid adoption of machine learning (ML) technologies has driven organizations across diverse sectors to seek efficient and reliable methods to accelerate model development-to-deployment. Machine Learning Operations (MLOps) has emerged as an integrative approach addressing these requirements by...
Researchers Warn of Privilege Escalation Risks in Google's Vertex AI ML Platform
Cybersecurity researchers have disclosed two security flaws in Google's Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud. "By exploiting custom job permissions, we were able to escalate ou...
Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms
Cybersecurity researchers are warning about the security risks in the machine learning (ML) software supply chain following the discovery of more than 20 vulnerabilities that could be exploited to target MLOps platforms. These vulnerabilities, which are described as inherent- and implementation-bas...
Malicious code in szn-search-mlops-common (PyPI)
Source: kam193 062d7a1b66afdb645fe65b5cc0fbd6d24390d777892168de0b2f73c5e63f2320. Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...
Malicious code in szn-search-mlops-serp-downloader (PyPI)
Source: kam193 8e35cfed38428b7a513be4c205127136c3ff4884fd2045b3ad9026c9569068c7. Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...
Malicious code in jd-mlops (PyPI)
Source: kam193 27e0c1b0bb778a762b23a541daa571391b073db56f64e90af5a403dffe5bbff3. Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...
MAL-2025-3005 Malicious code in szn-search-mlops-serp-downloader (PyPI)
Source: kam193 8e35cfed38428b7a513be4c205127136c3ff4884fd2045b3ad9026c9569068c7. Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. Category: PROBABLYPENTES...
Exploit for Deserialization of Untrusted Data in Clear Clearml
ClearML Exploit Script This repository contains a Python expl...
anymodality (=0.1.0), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20230929) +19 more potentially affected by CVE-2024-34073 via sagemaker (>=1.52.1 <=2.207.1)
sagemaker PyPI version =1.52.1, =0.1.1b20230324, =0.9.0, =0.2.8, =1.97.0.dev0, =1.0.0, =1.0.0, =0.7.3, =0.1.2, =0.0.9, =0.1.6, =0.2.0, =0.5.1 and more. Source CVEs: CVE-2024-34073. Source advisory: OSV:GHSA-7PC3-PR3Q-58VG...
ZenML Directory Traversal Vulnerability
ZenML is an extensible open source MLOps framework for creating portable, production-ready machine learning pipelines. A directory traversal vulnerability exists in ZenML version 0.55.4, which stems from a lack of validity checking of a program's paths when processing directory requests, and can ...
ZenML Security Vulnerability
ZenML is an extensible open source MLOps framework for creating portable, production-ready machine learning pipelines. A security vulnerability exists in ZenML version v0.55.4, which stems from an arbitrary file upload vulnerability contained in the load function in...
MLOps Security Best Practices
MLOps provides a systematic approach to evaluating and monitoring ML models. Discover the various security concerns associated with MLOps and learn the best practices for using it securely...