A tool to pack repository contents to single file for AI consumption
91%
Total Score
100
43
100
100
100
| Title | Versions | Severity |
|---|---|---|
CVE-2026-49988 repomix is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in versions 0.0.0 - 1.14.0. | 0.0.0 - 1.14.0 | Medium |
CVE-2026-49987 repomix is vulnerable to Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') in versions 0.0.0 - 1.14.1. | 0.0.0 - 1.14.1 | High |
AIKIDO-2025-10584 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. repomix is vulnerable to Argument Injection in versions 0.2.4 - 1.3.0. | 0.2.4 - 1.3.0 | Low |
AIKIDO-2025-10424 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. repomix is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in versions 0.1.32 - 0.3.9. | 0.1.32 - 0.3.9 | Low |
| Dependency | Last Release | Score |
|---|---|---|
tar Version ^7.5.19 | — | — |
zod Version ^4.4.3 | — | — |
jiti Version ^2.7.0 | — | — |
json5 Version ^2.2.3 | — | — |
globby Version ^16.2.0 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant