Powered by AI + Aikido Research team
Aikido Intel
We track 5 million open-source packages, exposing vulnerabilities before they get CVE numbers. Many never do.
Human verified threat feed
434 vulnerabilities exposed
Detect blind spots in NVD & Github Advisory DB
Critical AIKIDO-2024-10426
happy-dom is vulnerable to Remote Code Execution (RCE) in versions 13.0.0 - 15.10.0.
November 6, 2024
High RiskAIKIDO-2024-10425
fluent.fluent-bit is vulnerable to Improper Authentication in versions 3.0.0 - 3.1.9.
November 6, 2024
Low RiskAIKIDO-2024-10424
express-zod-api is vulnerable to Generation of Error Message Containing Sensitive Information in versions 1.0.0 - 20.17.0.
November 6, 2024
High RiskAIKIDO-2024-10423
chriskohlhoff.asio is vulnerable to Missing Standardized Error Handling Mechanism in versions 1.0.0 - 1.12.2.
November 5, 2024
Critical AIKIDO-2024-10422
fastapi-sso is vulnerable to Improper Authentication in versions 0.2.3 - 0.15.0.
November 5, 2024
Medium RiskAIKIDO-2024-10421
rspec-its is vulnerable to Access to Critical Private Variable via Public Method in versions 1.0.0 - 1.3.1.
November 5, 2024
Medium RiskAIKIDO-2024-10420
mpg123 is vulnerable to Out-of-bounds Write in versions 0.61 - 1.32.7.
November 5, 2024
Medium RiskAIKIDO-2024-10418
mysql-connector-python is vulnerable to SQL Injection in versions 8.0.4 - 8.0.10.
November 5, 2024
Medium RiskAIKIDO-2024-10417
urllib3-future is vulnerable to Inadequate Encryption Strength in versions 2.0.931 - 2.11.907.
November 5, 2024
High RiskAIKIDO-2024-10415
h2o is vulnerable to Uncontrolled Resource Consumption in versions 3.10.0.3 - 3.46.0.5.
November 5, 2024
Critical AIKIDO-2024-10414
h2o is vulnerable to Deserialization of Untrusted Data in versions 3.10.0.3 - 3.46.0.5.
November 5, 2024
Medium RiskAIKIDO-2024-10413
nope-validator is vulnerable to Regular Expression Denial of Service (ReDoS) in versions 0.2.0 - 0.11.3.
November 5, 2024
Medium RiskAIKIDO-2024-10412
express is vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in versions 3.0.0-alpha1 - 3.21.2.
November 5, 2024
Critical AIKIDO-2024-10411
Elsa is vulnerable to Improper Authorization in versions 1.0.0 - 3.2.2.
November 5, 2024
Low RiskAIKIDO-2024-10410
Werkzeug is vulnerable to Inadequate Encryption Strength in versions 0.13 - 3.0.6.
November 5, 2024
Low RiskAIKIDO-2024-10409
uppy is vulnerable to Overly Permissive Cross-domain Whitelist in versions 3.5.0 - 4.5.0.
November 4, 2024
High RiskAIKIDO-2024-10408
github.com/hashicorp/consul is vulnerable to Path Traversal in versions 0.1.0 - 1.20.0.
November 4, 2024
High RiskAIKIDO-2024-10407
prefect is vulnerable to Server-side Request Forgery (SSRF) in versions 2.8.0 - 2.20.10 and 3.0.0 - 3.0.1.
November 4, 2024
Don’t be left in the dark
With in-house intel and access to top vulnerability databases, see it all with Aikido.
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US