Sunday, 14 September 2025
27.8 C
Singapore
27.4 C
Thailand
19.7 C
Indonesia
27.6 C
Philippines

Open-source machine learning systems face increasing security threats

Open-source machine learning tools face rising security threats, with recent findings highlighting critical vulnerabilities across key frameworks.

Recent research has uncovered significant security vulnerabilities in open-source machine learning (ML) frameworks, putting sensitive data and operations at risk. As ML adoption grows across industries, so does the urgency of addressing these threats. The vulnerabilities, identified in a report by JFrog, reveal gaps in ML security compared to more established systems like DevOps and web servers.

Critical vulnerabilities in ML frameworks

Open-source ML projects have seen a rise in security flaws, with JFrog reporting 22 vulnerabilities across 15 ML tools in recent months. Two primary concerns concern server-side components and privilege escalation risks within ML environments. These vulnerabilities could allow attackers to access sensitive files, gain unauthorised privileges, and compromise the entire ML workflow.

One significant flaw involves Weave, a Weights & Biases (W&B) tool that tracks and visualises ML model metrics. The WANDB Weave Directory Traversal vulnerability (CVE-2024-7340) allows attackers to exploit improper input validation in file paths. By doing so, they can access sensitive files, including admin API keys, enabling privilege escalation and potentially compromising ML pipelines.

Another affected tool is ZenML, which manages MLOps pipelines. A critical flaw in ZenML Cloud’s access control lets attackers with minimal access privileges escalate permissions. This could expose confidential data like secrets and model files, allowing attackers to manipulate pipelines, tamper with model data, or disrupt production environments dependent on these pipelines.

Risks of privilege escalation and data breaches

Other vulnerabilities highlight the risks of privilege escalation in ML systems. The Deep Lake Command Injection (CVE-2024-6507) found in the Deep Lake database is particularly severe. This database, designed for AI applications, suffers from improper command sanitisation, allowing attackers to execute arbitrary commands. Such breaches could compromise the database and connected applications, leading to remote code execution.

Vanna AI, a natural language SQL query generation tool, also has a serious vulnerability. The Vanna.AI Prompt Injection (CVE-2024-5565) flaw lets attackers inject malicious code into SQL prompts, which can result in remote code execution. This poses risks like manipulated visualisations, SQL injections, or data theft.

Mage.AI, an MLOps platform for managing data pipelines, is vulnerable to unauthorised shell access, file leaks, and path traversal issues. These flaws enable attackers to control pipelines, expose configurations, and execute malicious commands, risking privilege escalation and data integrity breaches.

The path forward

JFrog’s findings highlight a critical gap in MLOps security. Many organisations fail to integrate AI/ML security with broader cybersecurity strategies, leaving blind spots. Attackers can exploit these vulnerabilities to embed malicious code in models, steal data, or manipulate outputs, creating widespread disruptions.

As ML and AI continue transforming industries, securing their frameworks, datasets, and models is essential. Robust security practices must be prioritised to protect the innovations that drive this growing field.

Hot this week

Canon unveils next-generation video production equipment to elevate cinematic storytelling

Canon launches EOS C50, RF85mm f/1.4L VCM, and CN5x11 IAS T R1/P1 to support next-generation video production and storytelling.

Cisco and Tata Communications join forces to advance eSIM and IoT connectivity

Cisco and Tata Communications partner to integrate eSIM and IoT solutions, aiming to simplify, scale, and transform enterprise connectivity.

Ulanzi OA-14 Camera Cage for Osmo Action 3/4/5 review: Rugged protection with creative flexibility

Ulanzi OA-14 adds rugged protection and accessory mounts to the DJI Osmo Action 5 while keeping battery swaps quick and easy. It is also compatible with the Osmo Action 3 and 4.

80% of Singaporeans use AI daily but few trust it for finance or mental health, survey finds

A Milieu Insight survey shows 80% of Singaporeans use AI daily but few trust it for financial or mental health advice.

FutureChina Global Forum 2025 to address global challenges and opportunities

The FutureChina Global Forum 2025 will convene leaders in Singapore to discuss geopolitics, economics, technology, and Singapore-China ties.

Asus unveils US$4,000 ProArt P16 with 4K tandem OLED and RTX 5090

Asus launches its ProArt P16 laptop with a 4K tandem OLED, RTX 5090 GPU, and creator-focused features, priced from US$1,999.

Lenovo unveils Legion Go 2 handheld with OLED display and higher price tag

Lenovo launches the Legion Go 2 handheld with an OLED display, upgraded specs and a higher starting price of €999 at IFA 2025.

Samsung could launch two Galaxy Z Fold8 models in 2026

Samsung may release two Galaxy Z Fold8 models in 2026, including one with a square-like screen, alongside the Galaxy Z Flip8.

Apple brings new health features to older Watch models

Apple adds hypertension notifications and Sleep Score to older Watch models with watchOS 26, expanding health tools beyond its newest devices.

Related Articles

Popular Categories