98%
Total Score
100
86
100
100
100
| Title | Versions | Severity |
|---|---|---|
AIKIDO-2026-209386 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. @milkdown/plugin-emoji is vulnerable to Cross-Site Scripting (XSS) in versions 7.0.0 - 7.21.2. | 7.0.0 - 7.21.2 | Medium |
| Dependency | Last Release | Score |
|---|---|---|
twemoji Version ^14.0.2 | — | — |
dompurify Version ^3.2.5 | — | — |
node-emoji Version ^2.1.3 | — | — |
emoji-regex Version ^10.0.0 | — | — |
remark-emoji Version ^5.0.0 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

I consent to receiving marketing communications based on Aikido’s Privacy Policy.
SOC 2Compliant
ISO 27001Compliant