Avi Lumelsky

Avi Lumelsky is a security researcher specializing in engineering and AI. At Oligo Security, he secures AI infrastructure by uncovering vulnerabilities in open-source projects. Previously at Deci AI (now part of NVIDIA), he focused on model optimization. His work has resulted in reports for major companies like Google and Meta, and has been featured in Forbes and Hacker News. He also maintains open-source eBPF projects and explores vulnerabilities in AI frameworks and inference servers.

Avi Lumelsky

More Articles byAvi Lumelsky

Airborne: Wormable Zero-Click Remote Code Execution (RCE) in AirPlay Protocol Puts Apple & IoT Devices at Risk

CVE Funding Almost Expired: What You Need to Know

Uncovering the Hidden Risks: How Oligo Identifies 1100% More Vulnerable Functions

Shadow Vulnerabilities in AI: The Hidden Perils Beyond CVEs

Critical Vulnerabilities in AirPlay Protocol Affecting Multiple Apple Devices

CVE-2024-50050: Critical Vulnerability in meta-llama/llama-stack

More Models, More ProbLLMs

New Remote Code Execution (RCE) Vulnerabilities in CUPS for Linux: Threats and Mitigations

Shining a Light on Shadow Vulnerabilities

TensorFlow Keras Downgrade Attack: CVE-2024-3660 Bypass

0.0.0.0 Day: Exploiting Localhost APIs From the Browser

Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough

App-Level eBPF Applications - User vs. Kernel Probes

ShadowRay: First Known Attack Campaign Targeting AI Workloads Actively Exploited In The Wild

What Is an SBOM? Types, Components, Formats, and Tips [2025 Guide]

10 Snyk Alternatives to Consider in 2025

5 SBOM Generation Tools & 5 Critical Best Practices

Breaking Down OWASP Top 10 for Web Apps, Mobile, API, K8s and LLMs

OWASP Top 10 LLM, Updated 2025: Examples and Mitigation Strategies

Runtime Security: Key Components, Technologies and Best Practices

More Articles by
Avi Lumelsky