Version 2 of the AWS Cloud Development Kit library
88%
Total Score
100
100
100
90
50
| Title | Versions | Severity |
|---|---|---|
AIKIDO-2026-577363 aws-cdk-lib is vulnerable to OS Command Injection in versions 0.0.1 - 2.259.0. | 0.0.1 - 2.259.0 | High |
CVE-2026-11417 aws-cdk-lib is vulnerable to Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in versions 0.0.0 - 2.246.0. | 0.0.0 - 2.246.0 | High |
AIKIDO-2025-10249 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. aws-cdk-lib is vulnerable to Incorrect Execution-Assigned Permissions in versions 2.0.0 - 2.189.0. | 2.0.0 - 2.189.0 | Low |
AIKIDO-2025-10191 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. aws-cdk-lib is vulnerable to Incorrect Default Permissions in versions 2.0.0 - 2.183.0. | 2.0.0 - 2.183.0 | Medium |
CVE-2025-23206 aws-cdk-lib is vulnerable to Improper Verification of Cryptographic Signature in versions 0.0.0 - 2.177.0. | 0.0.0 - 2.177.0 | Low |
| Dependency | Last Release | Score |
|---|---|---|
case Version 1.6.3 | — | — |
yaml Version 1.10.3 | — | — |
ignore Version ^5.3.2 | — | — |
semver Version ^7.8.1 | — | — |
fs-extra Version ^11.3.5 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant