Powered by AI + Aikido Research team
Aikido Intel
We track 5 million open-source packages, exposing vulnerabilities before they get CVE numbers. Many never do.
Human verified threat feed
457 vulnerabilities exposed
Detect blind spots in NVD & Github Advisory DB
Low RiskAIKIDO-2024-10449
github.com/blevesearch/bleve/v2 is vulnerable to Denial of Service (DoS) in versions 0.1.0 - 2.4.2.
November 15, 2024
Low RiskAIKIDO-2024-10448
@vue-flow/core is vulnerable to Cross-site Scripting (XSS) in versions 0.4.9 - 1.41.4.
November 14, 2024
Medium RiskAIKIDO-2024-10447
tarteaucitronjs is vulnerable to Cross-site Scripting (XSS) in versions 1.0 - 1.15.0.
November 14, 2024
Medium RiskAIKIDO-2024-10446
quartz is vulnerable to Remote Code Execution (RCE) in versions 2.1.4 - 2.3.2.
November 14, 2024
Medium RiskAIKIDO-2024-10445
@builder.io/react is vulnerable to Cross-site Scripting (XSS) in versions 0.1.0 - 6.0.1.
November 13, 2024
Low RiskAIKIDO-2024-10444
rustybuzz is vulnerable to Integer Overflow in versions 0.7.0 - 0.20.0.
November 13, 2024
Low RiskAIKIDO-2024-10443
uppy is vulnerable to Cross-Site Request Forgery (CSRF) in versions 0.27.0 - 4.6.0.
November 13, 2024
Low RiskAIKIDO-2024-10442
AcademySoftwareFoundation.openexr is vulnerable to NULL Pointer Dereference in versions 3.1.0 - 3.3.1.
November 13, 2024
Medium RiskAIKIDO-2024-10441
vaultrs is vulnerable to Insertion of Sensitive Information into Log File in versions 0.5.1 - 0.7.2.
November 13, 2024
Low RiskAIKIDO-2024-10440
@powersync/web is vulnerable to Cleartext Transmission of Sensitive Information in versions 0.5.1 - 1.10.1.
November 13, 2024
Low RiskAIKIDO-2024-10439
viztracer is vulnerable to Denial of Service (DoS) in versions 0.0.3 - 0.17.0.
November 13, 2024
High RiskAIKIDO-2024-10438
Microsoft.Diagnostics.Tracing.TraceEvent is vulnerable to Deserialization of Untrusted Data in versions 2.0.0 - 3.1.16.
November 13, 2024
High RiskAIKIDO-2024-10437
jose-jwt is vulnerable to Use of a Broken or Risky Cryptographic Algorithm in versions 1.9 - 5.0.0.
November 12, 2024
Medium RiskAIKIDO-2024-10436
django-allauth is vulnerable to Improper Restriction of Excessive Authentication Attempts in versions 0.63.0 - 65.1.0.
November 8, 2024
Critical AIKIDO-2024-10435
electron is vulnerable to Out-of-bounds Write in versions 31.0.0 - 31.7.3 and 32.0.0 - 32.2.2.
November 8, 2024
Medium RiskAIKIDO-2024-10434
github.com/cosnicolaou/pbzip2 is vulnerable to Integer Overflow in versions 1.0.0 - 1.0.3.
November 8, 2024
Critical AIKIDO-2024-10433
@grafana/ui is vulnerable to Code Injection in versions 11.0.0 - 11.0.4, 11.1.0 - 11.1.5 and 11.2.0 - 11.2.0.
November 8, 2024
Critical AIKIDO-2024-10432
@grafana/data is vulnerable to Code Injection in versions 11.0.0 - 11.0.4, 11.1.0 - 11.1.5 and 11.2.0 - 11.2.0.
November 8, 2024
Don’t be left in the dark
With in-house intel and access to top vulnerability databases, see it all with Aikido.
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US