Powered by AI + Aikido Research team
Aikido Intel
We track 5 million open-source packages, exposing vulnerabilities before they get CVE numbers. Many never do.
Human verified threat feed
532 vulnerabilities exposed
Detect blind spots in NVD & GitHub Advisory DB
Critical
uclouvain.openjpeg is vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
uclouvain.openjpeg is vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer in versions 1.3.0 - 2.5.2.
Dec 11, 2024
AIKIDO-2024-10531
Medium
Risk
gtk is vulnerable to Use of Unmaintained Third Party Components
gtk is vulnerable to Use of Unmaintained Third Party Components in all versions.
Dec 11, 2024
AIKIDO-2024-10530
High
Risk
python-semantic-release is vulnerable to Path Traversal
python-semantic-release is vulnerable to Path Traversal in versions 8.0.0 - 9.8.7.
Dec 10, 2024
AIKIDO-2024-10529
Medium
Risk
chainlit is vulnerable to Missing Authorization
chainlit is vulnerable to Missing Authorization in versions 0.1.1 - 1.3.0.
Dec 10, 2024
AIKIDO-2024-10528
Low
Risk
twig/twig is vulnerable to Uncontrolled Recursion
twig/twig is vulnerable to Uncontrolled Recursion in versions 3.14.1 - 3.14.1.
Dec 10, 2024
AIKIDO-2024-10527
Medium
Risk
linkme is vulnerable to Type Confusion
linkme is vulnerable to Type Confusion in versions 0.0.1 - 0.3.23.
Dec 9, 2024
AIKIDO-2024-10526
Medium
Risk
dompurify is vulnerable to Improper Input Validation
dompurify is vulnerable to Improper Input Validation in versions 1.0.0 - 2.5.7 and 3.0.0 - 3.2.2.
Dec 9, 2024
AIKIDO-2024-10525
Medium
Risk
php-mime-mail-parser/php-mime-mail-parser is vulnerable to Generation of Predictable Numbers or Identifiers
php-mime-mail-parser/php-mime-mail-parser is vulnerable to Generation of Predictable Numbers or Identifiers in versions 2.8.0 - 8.0.4.
Dec 9, 2024
AIKIDO-2024-10524
Medium
Risk
react-hook-form is vulnerable to Prototype Pollution
react-hook-form is vulnerable to Prototype Pollution in versions 2.28.2 - 7.53.2.
Dec 9, 2024
AIKIDO-2024-10523
Low
Risk
canvas is vulnerable to Use-After-Free
canvas is vulnerable to Use-After-Free in versions 2.0.0 - 3.0.0-rc2.
Dec 9, 2024
AIKIDO-2024-10522
Critical
@gouvfr/dsfr is vulnerable to Malicious Code
@gouvfr/dsfr is vulnerable to Malicious Code in versions 0.1.0 - 1.12.1.
Dec 9, 2024
AIKIDO-2024-10521
Low
Risk
ghost is vulnerable to Cross-site Scripting (XSS)
ghost is vulnerable to Cross-site Scripting (XSS) in versions 5.8.0 - 5.103.0.
Dec 9, 2024
AIKIDO-2024-10520
Low
Risk
MessagePack.Annotations is vulnerable to Use of Weak Hash
MessagePack.Annotations is vulnerable to Use of Weak Hash in versions 1.0.0 - 3.0.238-rc.1.
Dec 6, 2024
AIKIDO-2024-10519
Low
Risk
MessagePack is vulnerable to Use of Weak Hash
MessagePack is vulnerable to Use of Weak Hash in versions 1.0.0 - 3.0.238-rc.1.
Dec 6, 2024
AIKIDO-2024-10518
Medium
Risk
luigi is vulnerable to Command Injection
luigi is vulnerable to Command Injection in versions 2.7.7 - 3.5.1.
Dec 6, 2024
AIKIDO-2024-10517
High
Risk
luigi is vulnerable to Incorrect Permission Assignment
luigi is vulnerable to Incorrect Permission Assignment in versions 1.0.17 - 3.5.1.
Dec 6, 2024
AIKIDO-2024-10516
Medium
Risk
luigi is vulnerable to Debug Messages Revealing Unnecessary Information
luigi is vulnerable to Debug Messages Revealing Unnecessary Information in versions 2.8.4 - 3.5.1.
Dec 6, 2024
AIKIDO-2024-10515
Low
Risk
superjson is vulnerable to Denial of Service (DoS)
superjson is vulnerable to Denial of Service (DoS) in versions 1.2.0 - 2.2.1.
Dec 6, 2024
AIKIDO-2024-10514
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US