Powered by AI + Aikido Research Team

Aikido Intel - Open Source Threat Intelligence

Your earliest warning for supply chain threats.

We expose malware and vulnerabilities in open-source ecosystems, within minutes.

Vulnerabilities: 945

Malware: 14827

NO CVE
Low Risk
n8n is vulnerable to Denial of Service (DoS)
Upgrade the n8n library to the patch version.
Jun 16, 2025
AIKIDO-2025-10378
NO CVE
Low Risk
rav1e is vulnerable to Integer Overflow
Upgrade the rav1e library to the patch version.
Jun 16, 2025
AIKIDO-2025-10377
NO CVE
High Risk
flask-oidc is vulnerable to Open Redirect
Upgrade the flask-oidc library to the patch version.
Jun 16, 2025
AIKIDO-2025-10376
NO CVE
Low Risk
keycloak-angular is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Upgrade the keycloak-angular library to the patch version.
Jun 16, 2025
AIKIDO-2025-10375
NO CVE
Low Risk
unleash-server is vulnerable to Use of Weak Hash
Upgrade the unleash-server library to the patch version.
Jun 16, 2025
AIKIDO-2025-10374
NO CVE
Low Risk
github.com/bitnami-labs/sealed-secrets is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Upgrade the github.com/bitnami-labs/sealed-secrets library to the patch version.
Jun 16, 2025
AIKIDO-2025-10373
NO CVE
Medium Risk
jwt is vulnerable to Improper Verification of Cryptographic Signature
Upgrade the jwt library to the patch version.
Jun 16, 2025
AIKIDO-2025-10372
NO CVE
Low Risk
box-sdk-gen is vulnerable to Observable Timing Discrepancy
Upgrade the box-sdk-gen library to the patch version.
Jun 13, 2025
AIKIDO-2025-10371
NO CVE
Low Risk
box-typescript-sdk-gen is vulnerable to Observable Timing Discrepancy
Upgrade the box-typescript-sdk-gen library to the patch version.
Jun 13, 2025
AIKIDO-2025-10370
NO CVE
High Risk
promptflow-evals is vulnerable to Remote Code Execution (RCE)
Upgrade the promptflow-evals library to the patch version.
Jun 12, 2025
AIKIDO-2025-10369
NO CVE
Medium Risk
boxcar is vulnerable to Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Upgrade the boxcar library to the patch version.
Jun 12, 2025
AIKIDO-2025-10368
NO CVE
Low Risk
box-node-sdk is vulnerable to Observable Timing Discrepancy
Upgrade the box-node-sdk library to the patch version.
Jun 12, 2025
AIKIDO-2025-10367
NO CVE
Low Risk
github.com/livekit/protocol is vulnerable to Exposure of Sensitive Information
Upgrade the github.com/livekit/protocol library to the patch version.
Jun 11, 2025
AIKIDO-2025-10366
NO CVE
Low Risk
vllm is vulnerable to Information Disclosure
Upgrade the vllm library to the patch version.
Jun 11, 2025
AIKIDO-2025-10365
NO CVE
Medium Risk
laravel/fortify is vulnerable to Session Fixation
Upgrade the laravel/fortify library to the patch version.
Jun 11, 2025
AIKIDO-2025-10364
NO CVE
Low Risk
laravel/framework is vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere
Upgrade the laravel/framework library to the patch version.
Jun 11, 2025
AIKIDO-2025-10363
NO CVE
High Risk
github.com/cosmwasm/wasmd is vulnerable to Improper Check or Handling of Exceptional Conditions
Upgrade the github.com/cosmwasm/wasmd library to the patch version.
Jun 10, 2025
AIKIDO-2025-10362
NO CVE
High Risk
kyon147/laravel-shopify is vulnerable to Information Disclosure
Upgrade the kyon147/laravel-shopify library to the patch version.
Jun 10, 2025
AIKIDO-2025-10361
NO CVE
Low Risk
drf-standardized-errors is vulnerable to Generation of Error Message Containing Sensitive Information
Upgrade the drf-standardized-errors library to the patch version.
Jun 10, 2025
AIKIDO-2025-10360
NO CVE
High Risk
github.com/gogs/gogs is vulnerable to Path Traversal
Upgrade the github.com/gogs/gogs library to the patch version.
Jun 10, 2025
AIKIDO-2025-10359
NO CVE
Low Risk
ip-num is vulnerable to Uncaught Exception
Upgrade the ip-num library to the patch version.
Jun 10, 2025
AIKIDO-2025-10358
NO CVE
Medium Risk
@cloudflare/workerd-darwin-64 is vulnerable to Use after free
Upgrade the @cloudflare library to the patch version.
Jun 9, 2025
AIKIDO-2025-10357
CVE-2024-8008
Medium Risk
org.wso2.carbon.identity.user.store.configuration.ui is vulnerable to Cross-site Scripting (XSS)
Upgrade the org.wso2.carbon.identity.framework:org.wso2.carbon.identity.user.store.configuration.ui library to a patch version.
Jun 9, 2025
AIKIDO-2025-10356
NO CVE
Medium Risk
litellm is vulnerable to SQL Injection
Upgrade the litellm library to the patch version.
Jun 9, 2025
AIKIDO-2025-10355
NO CVE
Medium Risk
spectator-ext-ipcservlet is vulnerable to Improper Input Validation
Upgrade the com.netflix.spectator:spectator-ext-ipcservlet library to the patch version.
Jun 6, 2025
AIKIDO-2025-10354
NO CVE
High Risk
django-guardian is vulnerable to Improper Authorization
Upgrade the django-guardian library to the patch version.
Jun 6, 2025
AIKIDO-2025-10353
CVE-2025-48953
Medium Risk
Umbraco.Cms is vulnerable to Unrestricted Upload of File with Dangerous Type
Upgrade the Umbraco.Cms library to the patch version.
Jun 6, 2025
AIKIDO-2025-10352
NO CVE
Medium Risk
@nextcloud/l10n is vulnerable to Prototype Pollution
Upgrade the @nextcloud/l10n library to the patch version.
Jun 6, 2025
AIKIDO-2025-10351
CVE-2025-5419
High Risk
electron is vulnerable to Out-of-bounds Read
Upgrade the electron library to the patch version.
Jun 6, 2025
AIKIDO-2025-10350
NO CVE
High Risk
ra-data-local-storage is vulnerable to Prototype Pollution
Upgrade the ra-data-local-storage library to a patch version.
Jun 4, 2025
AIKIDO-2025-10349
NO CVE
Low Risk
vyper is vulnerable to Unintended Reentrant Invocation of Non-reentrant Code Via Nested Calls
Upgrade the vyper library to the patch version.
Jun 4, 2025
AIKIDO-2025-10348
NO CVE
High Risk
SharpCompress is vulnerable to Out-of-Bounds Read
Upgrade the SharpCompress library to the patch version.
Jun 4, 2025
AIKIDO-2025-10347
NO CVE
High Risk
n8n-nodes-base is vulnerable to Prototype Pollution
Upgrade the n8n-nodes-base library to the patch version.
Jun 3, 2025
AIKIDO-2025-10346
NO CVE
Medium Risk
haystack-ai is vulnerable to Regular Expression Denial-of-service (ReDoS)
Upgrade the haystack-ai library to the patch version.
Jun 3, 2025
AIKIDO-2025-10345
NO CVE
Low Risk
@metamask/assets-controllers is vulnerable to Client-Side Injection Attacks
Upgrade the @metamask/assets-controllers library to the patch version.
Jun 3, 2025
AIKIDO-2025-10344
NO CVE
Low Risk
hwi/oauth-bundle is vulnerable to Generation of Weak Initialization Vector (IV)
Upgrade the hwi/oauth-bundle library to a patch version.
Jun 3, 2025
AIKIDO-2025-10343

Our intel, your security

Open-source

Aikido Intel is available under the AGPL license; developers may freely use, modify, and distribute the vulnerability & malware feed.

License the intel database

Want to integrate our threat intelligence into your product? Get access through our commercial API.

Get protected by Aikido - it's free.

Easily secure your software supply chain, and more. Secure your code, cloud, and runtime with Aikido’s all-in-one security platform.

Secure everything you build, host and run with Aikido

© 2024 Aikido Security BV | BE0792914919
🇪🇺 Registered address: Coupure Rechts 88, 9000, Ghent, Belgium
🇪🇺 Office address: Gebroeders van Eyckstraat 2, 9000, Ghent, Belgium
🇺🇸 Office address: 95 Third St, 2nd Fl, San Francisco, CA 94103, US
Any use of the intel.aikido.dev website and content is explicitly subject to Aikido Terms of Use.
The Intel vulnerability and malware feed is licensed under a dual license.