gitsafehub
github.com/kyutai-labs/moshi ↗

kyutai-labs/moshi

scanned 2026-05-28 · git e6a55d2
2 of 6 checks flagged a security issue
🔴 Needs attention
6 checks ran. Start with Known OSS vulnerabilities below.

Informational scan, not a security audit.

Summary: Leaked secrets: none found · Vulnerable dependencies: 66 · Known OSS vulnerabilities: 159 · Risky code patterns: none found · Malicious dependencies: none found · Project health: 9 notes

Security checks

Leaked secrets — Gitleaks none found ✓

API keys, passwords or tokens committed into the repo.

Nothing found by this check. ✓

via Gitleaks v8.21.2 · MIT

Vulnerable dependencies — Trivy 66 found · 1 serious

Packages you depend on that have known security holes (CVEs).

  • Serious CVE-2025-32434 PyTorch is a Python package that provides tensor computation with stro ...
    moshi/requirements.txt
    A package you depend on has a known security hole (CVE-2025-32434). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-22029 @remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects
    client/package-lock.json
    A package you depend on has a known security hole (CVE-2026-22029). Fix: Update that package to its patched version.
  • Worth fixing CVE-2025-68470 react-router: React Router unexpected external redirect
    client/package-lock.json
    A package you depend on has a known security hole (CVE-2025-68470). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-45736 ws is an open source WebSocket client and server for Node.js. Prior to ...
    client/package-lock.json
    A package you depend on has a known security hole (CVE-2026-45736). Fix: Update that package to its patched version.
  • Worth fixing CVE-2025-71176 pytest: pytest: Denial of Service or Privilege Escalation via insecure temporary directory handling
    moshi/requirements.txt
    A package you depend on has a known security hole (CVE-2025-71176). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-1260 sentencepiece: Sentencepiece: Invalid memory access leading to potential arbitrary code execution via a crafted model file.
    moshi/requirements.txt
    A package you depend on has a known security hole (CVE-2026-1260). Fix: Update that package to its patched version.
  • Worth fixing CVE-2025-3730 A vulnerability, which was classified as problematic, was found in PyT ...
    moshi/requirements.txt
    A package you depend on has a known security hole (CVE-2025-3730). Fix: Update that package to its patched version.
  • Worth fixing CVE-2025-62608 MLX has heap-buffer-overflow in load()
    moshi_mlx/requirements.txt
    A package you depend on has a known security hole (CVE-2025-62608). Fix: Update that package to its patched version.
  • Worth fixing CVE-2025-62609 MLX has Wild Pointer Dereference in load_gguf()
    moshi_mlx/requirements.txt
    A package you depend on has a known security hole (CVE-2025-62609). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-1260 sentencepiece: Sentencepiece: Invalid memory access leading to potential arbitrary code execution via a crafted model file.
    moshi_mlx/requirements.txt
    A package you depend on has a known security hole (CVE-2026-1260). Fix: Update that package to its patched version.
  • Worth fixing GHSA-65p9-r9h6-22vj AWS-LC has Timing Side-Channel in AES-CCM Tag Verification
    rust/Cargo.lock
    A package you depend on has a known security hole (GHSA-65p9-r9h6-22vj). Fix: Update that package to its patched version.
  • Worth fixing GHSA-9f94-5g5w-gf6r CRL Distribution Point Scope Check Logic Error in AWS-LC
    rust/Cargo.lock
    A package you depend on has a known security hole (GHSA-9f94-5g5w-gf6r). Fix: Update that package to its patched version.
  • Worth fixing GHSA-hfpc-8r3f-gw53 AWS-LC has PKCS7_verify Signature Validation Bypass
    rust/Cargo.lock
    A package you depend on has a known security hole (GHSA-hfpc-8r3f-gw53). Fix: Update that package to its patched version.
  • Worth fixing GHSA-vw5v-4f2q-w9xf AWS-LC has PKCS7_verify Certificate Chain Validation Bypass
    rust/Cargo.lock
    A package you depend on has a known security hole (GHSA-vw5v-4f2q-w9xf). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-25541 Bytes is a utility library for working with bytes. From version 1.2.1 ...
    rust/Cargo.lock
    A package you depend on has a known security hole (CVE-2026-25541). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-41676 rust-openssl provides OpenSSL bindings for the Rust programming langua ...
    rust/Cargo.lock
    A package you depend on has a known security hole (CVE-2026-41676). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-41678 rust-openssl provides OpenSSL bindings for the Rust programming langua ...
    rust/Cargo.lock
    A package you depend on has a known security hole (CVE-2026-41678). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-41681 rust-openssl provides OpenSSL bindings for the Rust programming langua ...
    rust/Cargo.lock
    A package you depend on has a known security hole (CVE-2026-41681). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-41898 rust-openssl provides OpenSSL bindings for the Rust programming langua ...
    rust/Cargo.lock
    A package you depend on has a known security hole (CVE-2026-41898). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-42327 rust-openssl: rust-openssl: Arbitrary code execution via specially crafted certificate
    rust/Cargo.lock
    A package you depend on has a known security hole (CVE-2026-42327). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-44662 rust-openssl provides OpenSSL bindings for the Rust programming langua ...
    rust/Cargo.lock
    A package you depend on has a known security hole (CVE-2026-44662). Fix: Update that package to its patched version.
  • Worth fixing CVE-2026-45784 rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers
    rust/Cargo.lock
    A package you depend on has a known security hole (CVE-2026-45784). Fix: Update that package to its patched version.
  • Worth fixing CVE-2025-53605 The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion ...
    rust/Cargo.lock
    A package you depend on has a known security hole (CVE-2025-53605). Fix: Update that package to its patched version.
  • Worth fixing GHSA-82j2-j2ch-gfr8 rustls-webpki: Denial of service via panic on malformed CRL BIT STRING
    rust/Cargo.lock
    A package you depend on has a known security hole (GHSA-82j2-j2ch-gfr8). Fix: Update that package to its patched version.
… 41 more not shown

via Trivy v0.70.0 · Apache-2.0

Known OSS vulnerabilities — OSV-Scanner 159 found · 1 serious

Your dependencies cross-checked against the OSV vulnerability database.

  • Serious GHSA-53q9-r3pm-6pq6 PyTorch: `torch.load` with `weights_only=True` leads to remote code execution
    moshi/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-2w69-qvjg-hvjx React Router vulnerable to XSS via Open Redirects
    client/package-lock.json
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-25h7-pfq9-p65f flatted vulnerable to unbounded recursion DoS in parse() revive phase
    client/package-lock.json
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-rf6f-7fwh-wjgh Prototype Pollution via parse() in NodeJS flatted
    client/package-lock.json
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-5j98-mcp5-4vw2 glob CLI: Command injection via -c/--cmd executes matches with shell:true
    client/package-lock.json
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-r5fr-rjxr-66jc lodash vulnerable to Code Injection via `_.template` imports key names
    client/package-lock.json
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-23c5-xmqv-rm74 minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions
    client/package-lock.json
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-3ppc-4f35-3m26 minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern
    client/package-lock.json
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-7r86-cg39-jmmj minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments
    client/package-lock.json
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-c2c7-rcm5-vvqj Picomatch has a ReDoS vulnerability via extglob quantifiers
    client/package-lock.json
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-mw96-cpmx-2vgc Rollup 4 has Arbitrary File Write via Path Traversal
    client/package-lock.json
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-6mq8-rvhq-8wgg AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb
    moshi/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-38vq-g6vr-w8wf Sentencepiece has a heap overflow issue
    moshi/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-x84v-xcm2-53pg Insufficiently Protected Credentials in Requests
    moshi/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-38vq-g6vr-w8wf Sentencepiece has a heap overflow issue
    moshi_mlx/requirements.txt
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-65p9-r9h6-22vj AWS-LC has Timing Side-Channel in AES-CCM Tag Verification
    rust/Cargo.lock
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-9f94-5g5w-gf6r CRL Distribution Point Scope Check Logic Error in AWS-LC
    rust/Cargo.lock
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-hfpc-8r3f-gw53 AWS-LC has PKCS7_verify Signature Validation Bypass
    rust/Cargo.lock
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
  • Worth fixing GHSA-vw5v-4f2q-w9xf AWS-LC has PKCS7_verify Certificate Chain Validation Bypass
    rust/Cargo.lock
    A package you depend on has a known security hole. Fix: Update that package to its patched version.
… 134 more not shown

via OSV-Scanner v1.9.2 · Apache-2.0

Risky code patterns — Semgrep none found ✓

Code that can be exploited — injection, hardcoded credentials and similar.

Nothing found by this check. ✓

via Semgrep v1.147.0 · LGPL-2.1

Malicious dependencies — Guarddog none found ✓

Packages that look intentionally malicious — typosquats, sneaky install scripts.

Nothing found by this check. ✓

via Guarddog v2.10.0 · Apache-2.0

Project health

A signal about how the project is maintained — not a vulnerability in your code. It doesn’t affect the verdict above.

Project health — OpenSSF Scorecard 9 notes

Maintenance & supply-chain hygiene. A signal about the project — not a vulnerability in your code.

  • Worth fixing scorecard-overall OpenSSF Scorecard overall: 3.6/10
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-CII-Best-Practices CII-Best-Practices scored 0: no effort to earn an OpenSSF best practices badge detected
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Dependency-Update-Tool Dependency-Update-Tool scored 0: no update tool detected
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Fuzzing Fuzzing scored 0: project is not fuzzed
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Pinned-Dependencies Pinned-Dependencies scored 0: dependency not pinned by hash detected -- score normalized to 0
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-SAST SAST scored 0: SAST tool is not run on all commits -- score normalized to 0
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Security-Policy Security-Policy scored 0: security policy file not detected
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Token-Permissions Token-Permissions scored 0: detected GitHub workflow tokens with excessive permissions
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.
  • Minor scorecard-Vulnerabilities Vulnerabilities scored 0: 102 existing vulnerabilities detected
    A project-health signal (maintenance / supply-chain hygiene) — not a vulnerability in your code.

via OpenSSF Scorecard v5.5.0 · Apache-2.0

About these results. Six open-source checks ran in parallel; every finding is tagged with the tool that produced it. The verdict follows a published rule. False positives and false negatives are normal — a clean scan does not mean the code is secure, and a red verdict does not mean the project is compromised.