Powered by AI + Aikido Research team

Aikido Intel

We track 5 million open-source packages, exposing vulnerabilities before they get CVE numbers. Many never do.

Human verified threat feed
664 vulnerabilities exposed
Detect blind spots in NVD & GitHub Advisory DB
NO CVE
Medium Risk
@contentstack/utils is vulnerable to Cross-site Scripting (XSS)
Upgrade the @contentstack/utils library to the patch version.
Feb 14, 2025
AIKIDO-2025-10098
NO CVE
Critical
@coinbase/wallet-sdk is vulnerable to Missing Encryption of Sensitive Data
Upgrade the @coinbase/wallet-sdk library to the patch version.
Feb 14, 2025
AIKIDO-2025-10097
CVE-2024-21534
Critical
jsonpath-plus is vulnerable to Remote Code Execution (RCE)
Upgrade the jsonpath-plus library to the patch version.
Feb 14, 2025
AIKIDO-2025-10096
NO CVE
Low Risk
effect is vulnerable to Uncaught Exception
Upgrade the effect library to the patch version.
Feb 14, 2025
AIKIDO-2025-10095
NO CVE
High Risk
@octokit/endpoint is vulnerable to Regular Expression Denial of Service (ReDoS)
Upgrade the @octokit/endpoint library to the patch version.
Feb 14, 2025
AIKIDO-2025-10094
NO CVE
High Risk
ssr-window is vulnerable to Prototype Pollution
Upgrade the ssr-window library to the patch version.
Feb 13, 2025
AIKIDO-2025-10093
CVE-2024-3219
Low Risk
kafka-python is vulnerable to Race Condition
Upgrade the kafka-python library to the patch version.
Feb 13, 2025
AIKIDO-2025-10092
NO CVE
High Risk
@auth0/nextjs-auth0 is vulnerable to URL Redirection to Untrusted Site ('Open Redirect')
Upgrade the @auth0/nextjs-auth0 library to the patch version.
Feb 12, 2025
AIKIDO-2025-10091
NO CVE
Medium Risk
craftcms/cms is vulnerable to Improper Input Validation
Upgrade the craftcms/cms library to a patch version.
Feb 12, 2025
AIKIDO-2025-10090
NO CVE
Medium Risk
grcov is vulnerable to Out-of-bounds Write
Upgrade the grcov library to the patch version.
Feb 11, 2025
AIKIDO-2025-10089
NO CVE
High Risk
markitdown is vulnerable to Path Traversal
Upgrade the markitdown library to the patch version.
Feb 11, 2025
AIKIDO-2025-10088
NO CVE
Low Risk
github.com/zalando/skipper is vulnerable to Denial of Service (DoS)
Upgrade the github.com/zalando/skipper library to the patch version.
Feb 11, 2025
AIKIDO-2025-10087
NO CVE
Low Risk
litellm is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Upgrade the litellm library to the patch version.
Feb 10, 2025
AIKIDO-2025-10086
NO CVE
Low Risk
solana-agent-kit is vulnerable to Insertion of Sensitive Information into Log File
Upgrade solana-agent-kit to a patch version.
Feb 10, 2025
AIKIDO-2025-10085
NO CVE
Low Risk
elm-watch is vulnerable to Cross-Site WebSocket Hijacking
Upgrade the elm-watch library to the patch version.
Feb 10, 2025
AIKIDO-2025-10084
NO CVE
High Risk
@rpldy/uploady is vulnerable to Prototype Pollution
Upgrade the @rpldy/uploady library to the patch version.
Feb 9, 2025
AIKIDO-2025-10083
NO CVE
Low Risk
redoc is vulnerable to Prototype Pollution
Upgrade redoc to a patch version.
Feb 7, 2025
AIKIDO-2025-10082
NO CVE
Medium Risk
php-date-formatter is vulnerable to Prototype Pollution
Upgrade php-date-formatter to a patch version.
Feb 7, 2025
AIKIDO-2025-10081
NO CVE
Medium Risk
github.com/cosmwasm/wasmvm is vulnerable to NULL Pointer Dereference
Upgrade the github.com/cosmwasm/wasmvm library to the patch version.
Feb 7, 2025
AIKIDO-2025-10080
NO CVE
Medium Risk
@nuxtjs/mdc is vulnerable to Cross-site Scripting (XSS)
Upgrade the @nuxtjs/mdc library to the patch version.
Feb 6, 2025
AIKIDO-2025-10079
NO CVE
Medium Risk
unstructured is vulnerable to Exposure of Resource to Wrong Sphere
Upgrade the unstructured library to the patch version.
Feb 6, 2025
AIKIDO-2025-10078
NO CVE
Low Risk
FirebaseFirestoreInternalBinary is vulnerable to Use-After-Free
Upgrade the FirebaseFirestoreInternalBinary library to the patch version.
Feb 6, 2025
AIKIDO-2025-10077
NO CVE
Medium Risk
litellm is vulnerable to Authorization Bypass
Upgrade the litellm library to the patch version.
Feb 6, 2025
AIKIDO-2025-10076
NO CVE
Medium Risk
sdd is vulnerable to Use after free
Upgrade the sdd library to the patch version.
Feb 5, 2025
AIKIDO-2025-10075
NO CVE
Low Risk
dompurify is vulnerable to Cross-site Scripting (XSS)
Upgrade the dompurify library to a patch version.
Feb 5, 2025
AIKIDO-2025-10074
NO CVE
Low Risk
opentelemetry-instrumentation-redis is vulnerable to Exposure of Sensitive Information
Upgrade the opentelemetry-instrumentation-redis library to the patch version.
Feb 5, 2025
AIKIDO-2025-10073
NO CVE
Low Risk
github.com/ydb-platform/ydb-go-sdk/v3 is vulnerable to Infinite Loop
Upgrade the github.com/ydb-platform/ydb-go-sdk/v3 library to the patch version.
Feb 4, 2025
AIKIDO-2025-10072
NO CVE
Low Risk
apoc is vulnerable to Insertion of Sensitive Information into Log File
Upgrade the org.neo4j.procedure:apoc library to the patch version.
Feb 4, 2025
AIKIDO-2025-10071
GHSA-rpmj-rpgj-qmpm
Medium Risk
openssl is vulnerable to Use after free
Upgrade the openssl library to the patch version.
Feb 3, 2025
AIKIDO-2025-10070
NO CVE
Low Risk
postgres-types is vulnerable to Uncaught Exception
Upgrade the postgres-types library to the patch version.
Feb 3, 2025
AIKIDO-2025-10069
CVE-2023-22102
High Risk
mysql-connector-java is vulnerable to Remote code execution
The namespace of this package has been changed on Maven to https://mvnrepository.com/artifact/com.mysql/mysql-connector-j. Upgrade to at least version 8.2.0 of this new package.
Feb 3, 2025
AIKIDO-2025-10068
NO CVE
Low Risk
github.com/ydb-platform/ydb-go-sdk/v3 is vulnerable to NULL Pointer Dereference
Upgrade the github.com/ydb-platform/ydb-go-sdk/v3 library to the patch version.
Feb 3, 2025
AIKIDO-2025-10067
NO CVE
Low Risk
@napi-rs/canvas is vulnerable to Uncaught Exception
Upgrade the @napi-rs/canvas library to the patch version.
Feb 3, 2025
AIKIDO-2025-10066
NO CVE
Low Risk
fast-float is vulnerable to Out-of-bounds Read
Remove fast-float from your application and replace with the fast-float2 package version >=0.2.2.
Jan 31, 2025
AIKIDO-2025-10065
NO CVE
Low Risk
laravel/framework is vulnerable to Insertion of Sensitive Information into Log File
Upgrade the laravel/framework library to the patch version.
Jan 31, 2025
AIKIDO-2025-10064
NO CVE
Low Risk
questdb is vulnerable to Memory Leak
Upgrade the questdb library to the patch version.
Jan 31, 2025
AIKIDO-2025-10063
© 2024 Aikido Security BV | BE0792914919