Powered by AI + Aikido Research team
Aikido Intel
We track 5 million open-source packages, exposing vulnerabilities before they get CVE numbers. Many never do.
Human verified threat feed
619 vulnerabilities exposed
Detect blind spots in NVD & Github Advisory DB
NO CVE
Medium Riskdirectus is vulnerable to Cross-site Scripting (XSS)
Upgrade the directus library to the patch version.
Jan 27, 2025
AIKIDO-2025-10053
NO CVE
Critical johnpbloch/wordpress-core is vulnerable to SQL Injection
Upgrade the johnpbloch/wordpress-core library to a patch version.
Jan 27, 2025
AIKIDO-2025-10052
NO CVE
Medium Risk@mantine/dates is vulnerable to Unlimited Resource Consumption
Upgrade the @mantine/dates library to the patch version.
Jan 27, 2025
AIKIDO-2025-10051
CVE-2024-51417
Critical System.Linq.Dynamic.Core is vulnerable to System Information Disclosure
Upgrade the System.Linq.Dynamic.Core library to the patch preview version and then upgrade it to a stable version when available.
Jan 27, 2025
AIKIDO-2025-10050
NO CVE
High Riskjohnpbloch/wordpress-core is vulnerable to Cross-Site Request Forgery (CSRF)
Upgrade the johnpbloch/wordpress-core library to a patch version.
Jan 27, 2025
AIKIDO-2025-10049
NO CVE
Medium Risk@wordpress/block-library is vulnerable to Cross-site Scripting (XSS)
Upgrade the @wordpress/block-library library to the patch version.
Jan 27, 2025
AIKIDO-2025-10048
NO CVE
Medium Riskjohnpbloch/wordpress-core is vulnerable to Denial of Service (DoS)
Upgrade the johnpbloch/wordpress-core library to a patch version.
Jan 27, 2025
AIKIDO-2025-10047
NO CVE
Medium Riskjohnpbloch/wordpress-core is vulnerable to Cross-site Scripting (XSS)
Upgrade the johnpbloch/wordpress-core library to a patch version.
Jan 27, 2025
AIKIDO-2025-10046
NO CVE
Medium Riskjohnpbloch/wordpress-core is vulnerable to Cross-site Scripting (XSS)
Upgrade the johnpbloch/wordpress-core library to a patch version.
Jan 27, 2025
AIKIDO-2025-10045
NO CVE
Medium Riskjohnpbloch/wordpress-core is vulnerable to Cross-site Scripting (XSS)
Upgrade the johnpbloch/wordpress-core library to a patch version.
Jan 27, 2025
AIKIDO-2025-10044
NO CVE
Medium Riskjohnpbloch/wordpress-core is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes
Upgrade the johnpbloch/wordpress-core library to a patch version.
Jan 27, 2025
AIKIDO-2025-10043
NO CVE
Medium Risk@wordpress/url is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes
Upgrade the @wordpress/url library to the patch version.
Jan 24, 2025
AIKIDO-2025-10042
NO CVE
Medium Riskjohnpbloch/wordpress-core is vulnerable to Cross-site Scripting (XSS)
Upgrade the johnpbloch/wordpress-core library to a patch version.
Jan 24, 2025
AIKIDO-2025-10041
NO CVE
Low Riskkoin-core is vulnerable to Race Condition
Upgrade the io.insert-koin:koin-core library to the patch version.
Jan 24, 2025
AIKIDO-2025-10040
NO CVE
Medium Riskjohnpbloch/wordpress-core is vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data
Upgrade the johnpbloch/wordpress-core library to a patch version.
Jan 24, 2025
AIKIDO-2025-10039
NO CVE
Low Risk@graphql-mesh/string-interpolation is vulnerable to Insertion of Sensitive Information into Log File
Upgrade the @graphql-mesh/string-interpolation library to the patch version.
Jan 23, 2025
AIKIDO-2025-10038
NO CVE
Low Riskbox-java-sdk is vulnerable to Insertion of Sensitive Information into Log File
Upgrade the box-java-sdk library to the patch version.
Jan 23, 2025
AIKIDO-2025-10037
CVE-2025-0434
High Riskelectron is vulnerable to Cross-site Scripting (XSS)
Upgrade the electron library to a patch version.
Jan 23, 2025
AIKIDO-2025-10036
NO CVE
Low Riskgradio is vulnerable to Regular Expression Denial of Service (ReDoS)
Upgrade the gradio library to the patch version.
Jan 23, 2025
AIKIDO-2025-10035
NO CVE
Low Riskmysql-connector-python is vulnerable to Remote Code Execution (RCE)
Upgrade the mysql-connector-python library to the patch version.
Jan 22, 2025
AIKIDO-2025-10034
NO CVE
Low Riskoban_web is vulnerable to Exposure of Sensitive Information
Upgrade the oban_web library to the patch version.
Jan 21, 2025
AIKIDO-2025-10033
NO CVE
Medium Risk@medusajs/medusa is vulnerable to Information Disclosure
Upgrade the @medusajs/medusa library to the patch version.
Jan 21, 2025
AIKIDO-2025-10032
NO CVE
High Riskwebklex/php-imap is vulnerable to Authentication Bypass by Spoofing
Upgrade the webklex/php-imap library to the patch version.
Jan 20, 2025
AIKIDO-2025-10031
NO CVE
Low Riskphpmyadmin/sql-parser is vulnerable to Denial of Service (DoS)
Upgrade the phpmyadmin/sql-parser library to the patch version.
Jan 20, 2025
AIKIDO-2025-10030
CVE-2021-0341
High Riskgrpc-okhttp is vulnerable to Improper Certificate Validation
Upgrade the grpc-okhttp library to the patch version.
Jan 20, 2025
AIKIDO-2025-10029
NO CVE
Low RiskPyMuPDF is vulnerable to Denial of Service (DoS)
Upgrade the PyMuPDF library to the patch version.
Jan 20, 2025
AIKIDO-2025-10028
NO CVE
Low RiskBrazeUI is vulnerable to Incorrect Authorization
Upgrade the BrazeUI library to the patch version.
Jan 20, 2025
AIKIDO-2025-10027
NO CVE
Critical github.com/juanfont/headscale is vulnerable to Authorization Bypass
Upgrade the github.com/juanfont/headscale library to the patch version.
Jan 20, 2025
AIKIDO-2025-10026
NO CVE
Low Risk@firebase/util is vulnerable to Generation of Weak Initialization Vector
Upgrade the @firebase/util library to the patch version.
Jan 17, 2025
AIKIDO-2025-10025
CVE-2025-22150
Medium Riskundici is vulnerable to Use of Insufficiently Random Values
Upgrade the undici library to the patch version.
Jan 16, 2025
AIKIDO-2025-10024
NO CVE
High Riskn8n-core is vulnerable to Prototype Pollution
Upgrade the n8n-core library to the patch version.
Jan 16, 2025
AIKIDO-2025-10023
NO CVE
Low Riskgithub.com/prometheus/alertmanager is vulnerable to Race Condition
Upgrade the github.com/prometheus/alertmanager library to the patch version.
Jan 16, 2025
AIKIDO-2025-10022
CVE-2024-12053
High Riskelectron is vulnerable to Type Confusion
Upgrade the electron library to the patch version.
Jan 15, 2025
AIKIDO-2025-10021
NO CVE
High Riskgithub.com/cyphar/filepath-securejoin is vulnerable to Path Traversal
Upgrade the github.com/cyphar/filepath-securejoin library to the patch version.
Jan 14, 2025
AIKIDO-2025-10020
NO CVE
Medium Riskaddress-rfc2822 is vulnerable to Regular Expression Denial of Service (ReDoS)
Upgrade the address-rfc2822 library to the patch version.
Jan 14, 2025
AIKIDO-2025-10019
NO CVE
Low Riskgithub.com/wneessen/go-mail is vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Upgrade the github.com/wneessen/go-mail library to the patch version.
Jan 13, 2025
AIKIDO-2025-10018
Donโt be left in the dark
With in-house intel and access to top vulnerability databases, see it all with Aikido.
ยฉ 2024 Aikido Security BV | BE0792914919
๐ช๐บ Registered address: Coupure Rechts 88, 9000, Ghent, Belgium
๐ช๐บ Office address: Gebroeders van Eyckstraat 2, 9000, Ghent, Belgium
๐บ๐ธ Office address: 95 Third St, 2nd Fl, San Francisco, CA 94103, US
Any use of the intel.aikido.dev website and content is explicitly subject to Aikido Terms of Use