New 81 vulnerabilities published

The First AI/ML Supply Chain Vulnerability Database

Detect, assess and remediate vulnerabilities in your AI/ML supply chain with detailed descriptions & infographics, automated vulnerability scanners and OSS maintainer provided fixes & remediation advice.

Vulnerabilities in ML Flow, Kubeflow, and Hugging Face Transformers, and more...

Remediation that you can rely on

Remediate any vulnerability you face with maintainer-curated fixes and AI application-specific remediation advice. We work directly with the open source community to identify and remediate OSS vulnerabilities that effect AI applications and ML systems.

  1. 1
    Update MLflow to version 2.9.2 or later.
  2. 2
    Ensure that authentication is enabled for MLflow to prevent unauthorized access.
  3. 3
    Regularly review and monitor model creation requests to detect any suspicious activity.
  4. 4
    Consider implementing network-level controls to restrict access to the MLflow server from untrusted sources.

Automated Vulnerability Scanners

Detect vulnerable services in your network by leveraging Nuclei templates to quickly evaluate your attack surface.

Download Nuclei ScannerLearn more about Nuclei
Nuclei template hero image

Other Featured Vulnerabilities

We see hundreds of vulnerabilities and highlight the most impactful ones, so that you never miss the next AI zero-day.

View all security advisories

Sightline Premium

Early Access

Get early access to fixed vulnerability before they're publicly disclosed. On average customers get a 31 day early warning before a vulnerability is set to become public.

Protect AI Platform Integration

Immediately see what vulnerabilities matter most by combining the context of your AI applications MLBOM (provided by Radar) with Sightline

Unlimited Access to Scanners

Leverage our Scanners immediately as they're released on Sightline Premium, instead of waiting for them to eventually get in to the public Vulnerability Feed.

API Access

Integrate our Vulnerability Feed in your existing workflows and tools by leveraging our API built upon the OSSF's Open Source Vulnerability standard.

Many eyes make all bugs shallow

Sightline is powered by our Huntr community - the world's first bug bounty board for AI/ML.
Together, we have helped protect AI by working with over 15k security researchers and maintainers who have earned over $500k finding & fixing vulnerabilities.

171

Vulnerabilities identified in the last 90 days

56

Vulnerabilities that are not yet public

35

Avg. days customers have had early access

Learn more about Huntr