VYPR

Adversarial Robustness Toolbox

by Trusted AI


CVEs (3)

  • CVE-2026-31230 | Critical | May 12, 2026
    risk 0.64 | CVSS 9.8 | EPSS 0.01

    The Adversarial Robustness Toolbox (ART) through 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component (robustness_evaluation_fgsm_pytorch.py). The script uses the unsafe eval() function to parse string values provided via the --clip_values and…

  • CVE-2026-31229 | Critical | May 12, 2026
    risk 0.64 | CVSS 9.8 | EPSS 0.01

    The Adversarial Robustness Toolbox (ART) through 1.20.1 contains an insecure deserialization vulnerability (CWE-502) in its Kubeflow component's model loading functionality. When loading model weights from a file (e.g., model.pt) during robustness evaluation, the code uses…

  • CVE-2026-31228 | Critical | May 12, 2026
    risk 0.64 | CVSS 9.8 | EPSS 0.01

    The Adversarial Robustness Toolbox (ART) through 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval() function to dynamically evaluate user-supplied strings for the LossFn and…
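The three entries above reduce to two root causes: eval() over strings taken from the command line (the clip values and the loss-function name) and a pickle-based weights loader. The block below is an added illustration, not ART's code; the descriptions above are truncated, so it does not claim to reproduce the affected script. The function names (parse_clip_values, resolve_loss_fn, load_weights, RestrictedUnpickler, run_demo), the payload strings, the environment-variable markers and the toy loss function are all constructed for the demonstration. Each unsafe pattern sits beside a hardened replacement: ast.literal_eval plus a shape check for --clip_values, a dictionary lookup for the loss name, and a pickle.Unpickler subclass whose find_class refuses every global a plain weights file should not need.

```python
# Added illustration for the three ART advisories above; this is not ART's code.
# The function names, the payloads and the toy loss function are all constructed.
import ast
import io
import os
import pickle
from typing import Callable

# ---- Pattern 1: eval() over CLI strings (CVE-2026-31230, CVE-2026-31228) ----
# Constructed payload: looks like a clip range, but eval() also runs the call and
# leaves an environment marker so the side effect is observable offline.
CLIP_PAYLOAD = "__import__('os').environ.__setitem__('ART_DEMO_EVAL', '1') or (0, 1)"

def parse_clip_values_unsafe(raw: str):
    """The advisory's pattern: eval() turns a CLI string into executable code."""
    return eval(raw)  # deliberately unsafe, kept for contrast

def parse_clip_values(raw: str) -> tuple[float, float]:
    """Hardened: accept a two-element numeric literal, never an expression."""
    try:
        value = ast.literal_eval(raw)  # calls, names and attribute access raise
    except (ValueError, SyntaxError) as exc:
        raise ValueError(f"--clip_values must be a literal pair, got {raw!r}") from exc
    if not (isinstance(value, (tuple, list)) and len(value) == 2):
        raise ValueError("--clip_values needs exactly two elements")
    if not all(isinstance(x, (int, float)) and not isinstance(x, bool) for x in value):
        raise ValueError("--clip_values elements must be numbers")
    low, high = float(value[0]), float(value[1])
    if not low < high:
        raise ValueError("--clip_values lower bound must be below the upper bound")
    return low, high

def _mse(pred, target):  # toy loss; the point is the lookup below, not the math
    return sum((p - t) ** 2 for p, t in zip(pred, target)) / len(pred)

LOSS_FUNCTIONS: dict[str, Callable] = {"mse": _mse}

def resolve_loss_fn(name: str) -> Callable:
    """Hardened replacement for eval(LossFn): the name is a dict key, not code."""
    if name not in LOSS_FUNCTIONS:
        raise ValueError(f"unknown loss {name!r}; choose from {sorted(LOSS_FUNCTIONS)}")
    return LOSS_FUNCTIONS[name]

# ---- Pattern 2: pickle-based weights loading (CVE-2026-31229, CWE-502) ----
def build_weight_files() -> tuple[bytes, bytes]:
    """Constructed inputs: a benign weights blob and a booby-trapped one."""
    benign = pickle.dumps({"fc.weight": [0.1, -0.2, 0.3], "fc.bias": [0.0]})

    class Payload:
        def __reduce__(self):  # pickle records (callable, args); load() calls it
            return (exec, ("import os; os.environ['ART_DEMO_PICKLE'] = '1'",))

    return benign, pickle.dumps(Payload())

def load_weights_unsafe(blob: bytes):
    """The advisory's pattern: unpickle whatever file the user pointed at."""
    return pickle.loads(blob)

class RestrictedUnpickler(pickle.Unpickler):
    """Resolve only the globals a plain weights dict can legitimately reference."""
    ALLOWED = {("builtins", "dict"), ("builtins", "list"), ("builtins", "float")}

    def find_class(self, module: str, name: str):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")

def load_weights(blob: bytes) -> dict[str, list[float]]:
    """Hardened: restricted unpickler, then a shape check on what came out."""
    weights = RestrictedUnpickler(io.BytesIO(blob)).load()
    if not isinstance(weights, dict) or not all(
        isinstance(k, str) and isinstance(v, list) for k, v in weights.items()
    ):
        raise ValueError("weights file is not a name -> list mapping")
    return weights

def rejects(fn: Callable, arg, exc_type) -> bool:
    """True if fn(arg) raises exc_type, False if the input is accepted."""
    try:
        fn(arg)
    except exc_type:
        return True
    return False

def run_demo() -> dict:
    """Exercise each unsafe/hardened pair and report what happened."""
    out = {"unsafe_clip": parse_clip_values_unsafe(CLIP_PAYLOAD)}
    out["eval_marker"] = os.environ.get("ART_DEMO_EVAL")
    out["safe_clip_rejects_payload"] = rejects(parse_clip_values, CLIP_PAYLOAD, ValueError)
    out["safe_clip"] = parse_clip_values("(0, 1.0)")
    out["loss_rejects_code"] = rejects(resolve_loss_fn, "__import__('os')", ValueError)
    benign, malicious = build_weight_files()
    load_weights_unsafe(malicious)  # returns None, but exec() has already run
    out["pickle_marker"] = os.environ.get("ART_DEMO_PICKLE")
    out["safe_pickle_rejects_payload"] = rejects(load_weights, malicious, pickle.UnpicklingError)
    out["safe_weights"] = load_weights(benign)
    return out
```

run_demo() returns what each pair did: the eval() and pickle.loads() paths both set their marker even though the values they return look harmless (a clip tuple, or simply None), while the hardened paths raise before anything executes. The allowlist in RestrictedUnpickler is intentionally minimal; a real checkpoint format needs more entries, and PyTorch's own equivalent is torch.load(path, weights_only=True), which restricts unpickling to tensors and primitive containers. Either way this hardens the loader, it does not make weights files from untrusted sources safe to accept.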