Informational scan, not a security audit. How this is computed.
API keys, passwords or tokens committed into the repo.
This check didn’t finish — that’s not the same as “clean.” Try Check again above.
Packages you depend on that have known security holes (CVEs).
CVE-2026-41242 protobufjs: protobufjs: Arbitrary code execution via injected protobuf definition type fields
CVE-2026-35030 litellm: LiteLLM: Authentication bypass and privilege escalation via OIDC userinfo cache key collision
CVE-2026-49468 litellm: LiteLLM: Authentication Bypass via Host Header Injection
CVE-2025-62593 ray: Ray is vulnerable to RCE via Safari & Firefox Browsers through DNS Rebinding Attack
CVE-2026-22778 vLLM: vLLM: Remote code execution via invalid image processing in the multimodal endpoint.
CVE-2026-48746 vllm: starlette: vLLM: Critical authentication bypass allows unauthorized API access
CVE-2026-54285 @opentelemetry/core: opentelemetry-js: @opentelemetry/core: Denial of Service via oversized baggage HTTP headers
CVE-2026-44288 protobufjs: protobufjs: Security control bypass due to improper handling of overlong UTF-8 sequences
CVE-2026-44289 protobufjs: protobufjs: Denial of Service via uncontrolled recursion in protobuf decoding
CVE-2026-44290 protobuf.js: Process-wide denial of service through unsafe option paths
CVE-2026-44291 protobuf.js: Code generation gadget after prototype pollution
CVE-2026-44293 protobufjs: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors
CVE-2026-48712 protobufjs: protobufjs: Denial of Service via uncontrolled recursion with crafted protobuf payload
CVE-2026-44292 protobuf.js: Prototype injection in generated message constructors
CVE-2026-44294 protobuf.js: Denial of service from crafted field names in generated code
CVE-2026-45740 protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion
CVE-2026-54269 protobufjs: protobufjs-cli: protobufjs: Denial of Service due to name collision with runtime helpers
CVE-2025-15599 DOMPurify: DOMPurify: Cross-site scripting
Your dependencies cross-checked against the OSV vulnerability database.
GHSA-xq3m-2v4x-88gg Arbitrary code execution in protobufjs
PYSEC-2024-259 In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing.
PYSEC-2025-41 PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command E
PYSEC-2023-300 Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
GHSA-g8mr-85jm-7xhm Vitest Browser: Exposed Browser Mode API Can Proxy CDP and Overwrite Config Files, Leading to RCE
GHSA-5xrq-8626-4rwp When Vitest UI server is listening, arbitrary file can be read and executed
GHSA-63hf-3vf5-4wqf AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass
PYSEC-2026-287 Authlib JWS JWK Header Injection: Signature Verification Bypass
PYSEC-2026-311 ChromaDB Python project has a pre-authentication code injection vulnerability
PYSEC-2026-36 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Pytho
PYSEC-2026-338 FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability
GHSA-c67j-w6g6-q2cm LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs
PYSEC-2026-388 LiteLLM: Authentication Bypass via Host Header Injection
PYSEC-2026-390 LiteLLM: Authentication bypass via OIDC userinfo cache key collision
PYSEC-2026-96 A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The _unzip_iter function in nltk/downloader.py uses zipfile.extractall() without performing path
PYSEC-2026-99 NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verific
PYSEC-2026-518 Ray's New Token Authentication is Disabled By Default
PYSEC-2026-520 Ray is vulnerable to Critical RCE via Safari & Firefox Browsers through DNS Rebinding Attack
PYSEC-2026-226 vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authenticat
PYSEC-2026-565 vLLM has RCE In Video Processing
Code that can be exploited — injection, hardcoded credentials and similar.
Nothing found by this check. ✓
Packages that look intentionally malicious — typosquats, sneaky install scripts.
This check didn’t finish — that’s not the same as “clean.” Try Check again above.
A signal about how the project is maintained — not a vulnerability in your code. It doesn’t affect the verdict above.
Maintenance & supply-chain hygiene. A signal about the project — not a vulnerability in your code.
scorecard-overall OpenSSF Scorecard overall: 3.6/10
scorecard-CII-Best-Practices CII-Best-Practices scored 0: no effort to earn an OpenSSF best practices badge detected
scorecard-Dependency-Update-Tool Dependency-Update-Tool scored 0: no update tool detected
scorecard-Fuzzing Fuzzing scored 0: project is not fuzzed
scorecard-Maintained Maintained scored 0: 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
scorecard-Security-Policy Security-Policy scored 0: security policy file not detected