
22 Security Advisories Address Vulnerabilities in AI/ML Infrastructure
Tags: AI/ML security, vulnerabilities, advisories, CVEs, Sigma, MLflow, vLLM, PyTorch, Flowise, MCP servers, LangGraph, HuggingFace, Adversarial ML, Agent Security, Supply Chain, Prompt Injection, authentication, SSRF, RCE, deserialization, memory corruption, command injection, MITRE ATLAS, detection rules
22 security advisories covering AI/ML infrastructure: 40 CVEs, 94 Sigma detection rules (MLflow, vLLM, PyTorch, Flowise, MCP servers, LangGraph, HuggingFace tooling).

The advisories address four categories: Adversarial ML, Agent Security, Supply Chain, and Prompt Injection. Nine critical vulnerabilities include bypasses in HuggingFace’s model scanner, a six-vulnerability cluster in Flowise (authentication flaws, SSRF, and RCE), and an MLflow authentication bypass leading to RCE. Other notable issues involve unsafe deserialization in LangGraph, memory corruption in PyTorch, and command injection in claude-code-ui. Each advisory provides attack chain analysis, MITRE ATLAS mappings, and Sigma detection rules.