JFrog Security Research
Model Threats
Discover
Follow JFrog Security
Home
Model Threats
Discover
Follow JFrog Security
< Back
Software Vulnerabilities
Last Updated On
14 Aug, 2025
160
Vulnerabilities
discovered
JFSA-2025-001380578
Flowise OS command remote code execution
critical
CVE-2025-8943
CVE-2025-8943
CVE-2025-8943
critical
Discovered By
Assaf Levkovich
●
Published on
14 Aug, 2025
●
JFSA-2025-001379925
Flowise JS injection remote code execution
critical
CVE-2025-55346
CVE-2025-55346
CVE-2025-55346
critical
Discovered By
Assaf Levkovich
●
Published on
14 Aug, 2025
●
JFSA-2025-001378631
Codex CLI Symlink Arbitrary File Overwrite
high
CVE-2025-55345
CVE-2025-55345
CVE-2025-55345
high
Discovered By
Assaf Levkovich
●
Published on
13 Aug, 2025
●
Keras untrusted model arbitrary file write
high
CVE-2025-8747
CVE-2025-8747
CVE-2025-8747
high
Discovered By
Andrey Polkovnichenko
●
Published on
12 Aug, 2025
●
Webfinger.js Blind SSRF
medium
CVE-2025-54590
CVE-2025-54590
CVE-2025-54590
medium
Discovered By
Ori Hollander
●
Published on
28 Jul, 2025
●
JFSA-2025-001290844
OS command injection in mcp-remote when connecting to untrusted MCP servers
critical
CVE-2025-6514
CVE-2025-6514
CVE-2025-6514
critical
Discovered By
Or Peles
●
Published on
9 Jul, 2025
●
Tensorflow Serving Stack Exhaustion DoS
high
CVE-2025-0649
CVE-2025-0649
CVE-2025-0649
high
Discovered By
Ori Hollander
●
Published on
6 May, 2025
●
PeerTube HLS Video Files Path Traversal
low
CVE-2025-32943
CVE-2025-32943
CVE-2025-32943
low
Discovered By
Ori Hollander
●
Published on
14 Apr, 2025
●
PeerTube User Import Authenticated Resource Exhaustion
medium
CVE-2025-32949
CVE-2025-32949
CVE-2025-32949
medium
Discovered By
Ori Hollander
●
Published on
14 Apr, 2025
●
PeerTube User Import Authenticated Persistent Denial of Service
medium
CVE-2025-32944
CVE-2025-32944
CVE-2025-32944
medium
Discovered By
Ori Hollander
●
Published on
14 Apr, 2025
●
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16