The professional publishing platform
82%
Total Score
100
1
91
100
100
| Title | Versions | Severity |
|---|---|---|
CVE-2026-53943 ghost is vulnerable to Use of Cache Containing Sensitive Information in versions 4.0.0 - 6.36.0. | 4.0.0 - 6.36.0 | Critical |
AIKIDO-2026-10399 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. ghost is vulnerable to Race Condition (TOCTOU) in versions 5.105.0 - 6.21.2. | 5.105.0 - 6.21.2 | Low |
CVE-2026-29784 ghost is vulnerable to Cross-Site Request Forgery (CSRF) in versions 5.101.6 - 6.19.2. | 5.101.6 - 6.19.2 | High |
CVE-2026-29053 ghost is vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in versions 0.7.2 - 6.19.0. | 0.7.2 - 6.19.0 | High |
CVE-2026-26980 ghost is vulnerable to Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in versions 3.24.0 - 6.19.1. | 3.24.0 - 6.19.1 | Critical |
| Dependency | Last Release | Score |
|---|---|---|
got Version 13.0.0 | — | — |
rss Version 1.2.2 | — | — |
xml Version 1.0.1 | — | — |
zod Version 4.4.3 | — | — |
clsx Version 2.1.1 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant