Findings
Audit findings.
Real bugs, not vibes — the security regressions Sebastion catches in live open-source code. Every finding maps to a CWE and is ranked by severity, then published in the open so you can see exactly what a security-first review surfaces before code ships.
1001 findings across 288 repositories — 80 critical, 364 high, 522 medium, 35 low.
Findings come from automated audit runs across public repositories, grouped by scanner severity. They have not all been individually triaged or acknowledged by maintainers; CVE numbers are assigned only after coordinated disclosure where applicable.
High (50 on this page)

EvolutionAPI/evolution-api: SSRF via user-controlled proxy configuration
CWE-918 | src/api/controllers/proxy.controller.ts | 2026-05-23

Snouzy/workout-cool: Unauthenticated exercise listing endpoint exposes all exercise data
CWE-862 | app/api/exercises/all/route.ts | 2026-05-23

dreamhunter2333/cloudflare_temp_email: Admin custom SQL cleanup allows arbitrary DELETE statements against any table
CWE-89 | worker/src/admin_api/cleanup_api.ts | 2026-05-23

hicccc77/WeFlow: webSecurity disabled allows local file access from renderer
CWE-829 | electron/main.ts | 2026-05-23

nexmoe/VidBee: Command injection via unsanitized file path in copyFileToClipboardWithSystem (API server)
CWE-78 | apps/api/src/lib/rpc-router.ts | 2026-05-23

nexmoe/VidBee: Command injection via file path in openFileLocationWithSystem on Windows
CWE-78 | apps/api/src/lib/rpc-router.ts | 2026-05-23

nexmoe/VidBee: Command injection via file path in desktop copyFileToClipboardWindows/Mac
CWE-78 | apps/desktop/src/main/ipc/services/file-system-service.ts | 2026-05-23

zizifn/edgetunnel: SSRF via unrestricted TCP connect to attacker-controlled address/port
CWE-918 | src/worker-vless.js | 2026-05-23

NVIDIA/personaplex: Path traversal in voice_prompt WebSocket query parameter
CWE-22 | moshi/moshi/server.py | 2026-05-22

NVIDIA/personaplex: Unsafe torch.load on user-selected voice prompt .pt files
CWE-502 | moshi/moshi/server.py | 2026-05-22

WhiskeySockets/Baileys: Command injection via unsanitized path in extractVideoThumb
CWE-78 | src/Utils/messages-media.ts | 2026-05-22

aandrew-me/ytDownloader: Shell injection via custom args input field
CWE-78 | src/renderer.js | 2026-05-22

aandrew-me/ytDownloader: Shell injection via playlist URL in playlist.js
CWE-78 | src/playlist.js | 2026-05-22

aandrew-me/ytDownloader: Path traversal in translation file loading via IPC
CWE-22 | main.js | 2026-05-22

bytedance/UI-TARS: Unsafe eval() on model-controlled `start_box`/`end_box` strings
CWE-95 | codes/ui_tars/action_parser.py | 2026-05-22

hiteshchoudhary/apihub: Open redirect via unvalidated `url` query parameter
CWE-601 | src/controllers/kitchen-sink/redirect.controllers.js | 2026-05-22

is-a-dev/register: GitHub Actions script injection via PR metadata in CI workflow
CWE-78 | .github/workflows/ci.yml | 2026-05-22

marcelscruz/public-apis: PR review automation uses pull_request_target with fork content access
CWE-829 | scripts/pr-review-automation.js | 2026-05-22

openai/whisper: Unsafe torch.load on user-supplied model checkpoint enables arbitrary code execution
CWE-502 | whisper/__init__.py | 2026-05-22

viarotel-org/escrcpy: Shell command injection via unsanitized device ID and host/port in ADB commands
CWE-78 | desktop/electron/middleware/adb/index.js | 2026-05-22

wechat-article/wechat-article-exporter: Server-side code execution via puppeteer setContent with user-supplied HTML
CWE-94 | server/api/web/pdf/generate.post.ts | 2026-05-22

xinnan-tech/xiaozhi-esp32-server: Shell injection via SECRET_KEY in docker-setup.sh
CWE-78 | docker-setup.sh | 2026-05-22

yikart/AiToEarn: SSRF via image URL in MCP image-edit tools
CWE-918 | project/aitoearn-backend/apps/aitoearn-ai/src/core/agent/mcp/image-edit.mcp.ts | 2026-05-22

yikart/AiToEarn: Command injection via mediaUrl in FFmpeg execa calls
CWE-78 | project/aitoearn-backend/apps/aitoearn-ai/src/core/agent/mcp/subtitle.mcp.ts | 2026-05-22

yikart/AiToEarn: SSRF via videoUrl/mediaUrl in video-utils MCP tools
CWE-918 | project/aitoearn-backend/apps/aitoearn-ai/src/core/agent/mcp/video-utils.mcp.ts | 2026-05-22

CodeWithHarry/Sigma-Web-Dev-Course: Missing authentication on password manager API — all passwords exposed
CWE-862 | Video 130/passop-mongo/backend/server.js | 2026-05-21

CodeWithHarry/Sigma-Web-Dev-Course: updateProfile server action lacks authorization — any authenticated user can overwrite another user's profile
CWE-862 | Video 131/actions/useractions.js | 2026-05-21

CodeWithHarry/Sigma-Web-Dev-Course: Server-side arbitrary file write via user-controlled form input
CWE-94 | Video 125/server-actions/actions/form.js | 2026-05-21

CodeWithHarry/Sigma-Web-Dev-Course: NoSQL injection in linktree-clone API — full request body inserted into MongoDB
CWE-943 | Video 137/linktree-clone/app/api/add/route.js | 2026-05-21

DayuanJiang/next-ai-draw-io: SSRF via parse-url endpoint with DNS rebinding or redirect bypass
CWE-918 | app/api/parse-url/route.ts | 2026-05-21

Wei-Shaw/claude-relay-service: Arbitrary code execution via balance script vm.Script sandbox escape
CWE-94 | src/services/balanceScriptService.js | 2026-05-21

danielmiessler/Personal_AI_Infrastructure: Path traversal in file save API via filename parameter
CWE-22 | Packs/Telos/src/DashboardTemplate/App/api/file/save/route.ts | 2026-05-21

danielmiessler/Personal_AI_Infrastructure: Path traversal in file upload API via user-controlled filename
CWE-22 | Packs/Telos/src/DashboardTemplate/App/api/upload/route.ts | 2026-05-21

danielmiessler/Personal_AI_Infrastructure: SSRF and API key exposure via unauthenticated Haiku proxy endpoint
CWE-918 | Releases/v2.3/.claude/Observability/apps/server/src/index.ts | 2026-05-21

getumbrel/umbrel: Command injection via external storage device ID in shell commands
CWE-78 | packages/umbreld/source/modules/files/external-storage.ts | 2026-05-21

keephq/keep: Arbitrary method invocation on provider instances via invoke_provider_method endpoint
CWE-749 | keep/api/routes/providers.py | 2026-05-21

mailcow/mailcow-dockerized: Shell injection via maildir cleanup/move commands in DockerApi
CWE-78 | data/Dockerfiles/dockerapi/modules/DockerApi.py | 2026-05-21

mailcow/mailcow-dockerized: Arbitrary method invocation via getattr on user-controlled method name
CWE-185 | data/Dockerfiles/dockerapi/main.py | 2026-05-21

open-metadata/OpenMetadata: SQL injection via Jinja2 template rendering of column_name and table_name into raw SQL
CWE-89 | ingestion/src/metadata/data_quality/validations/column/sqlalchemy/columnRuleLibrarySqlExpressionValidator.py | 2026-05-21

open-metadata/OpenMetadata: Arbitrary code execution via pandas DataFrame.query() with user-controlled expression
CWE-94 | ingestion/src/metadata/data_quality/validations/column/pandas/columnRuleLibrarySqlExpressionValidator.py | 2026-05-21

rowboatlabs/rowboat: Path traversal in file upload endpoint
CWE-22 | apps/rowboat/app/api/uploads/[fileId]/route.ts | 2026-05-21

rowboatlabs/rowboat: Path traversal in CLI builtin tools (readFile, createFile, updateFile, deleteFile)
CWE-22 | apps/cli/src/application/lib/builtin-tools.ts | 2026-05-21

yichuan-w/LEANN: Unsafe pickle.load on attacker-controlled passage index file
CWE-502 | packages/leann-core/src/leann/api.py | 2026-05-21

yichuan-w/LEANN: Unsafe pickle.load on attacker-controlled embeddings file
CWE-502 | packages/leann-core/src/leann/api.py | 2026-05-21

alibaba/page-agent: LLM-controlled arbitrary JavaScript execution via execute_javascript tool
CWE-94 | packages/page-controller/src/PageController.ts | 2026-05-20

confident-ai/deepeval: Arbitrary code execution via LLM-generated code in HumanEval benchmark
CWE-94 | deepeval/benchmarks/human_eval/human_eval.py | 2026-05-20

electerm/electerm: OS command injection via unsanitized paths in local fs operations
CWE-78 | src/app/lib/fs.js | 2026-05-20

electerm/electerm: Path traversal in local terminal exec allows arbitrary command execution
CWE-78 | src/app/server/session-local.js | 2026-05-20

ourongxing/newsnow: SQL Injection in Cache.getEntire via unsanitized keys
CWE-89 | server/database/cache.ts | 2026-05-20

jackwener/OpenCLI: Shell command injection via unsanitized prompt in autoresearch run.ts
CWE-78 | autoresearch/commands/run.ts | 2026-05-19