The Lab · 2026-04-02 19:27:07 · GitHub Issues
A high-severity security vulnerability has been flagged in the open-source repository `phenotype-infrakit` by GitHub's automated CodeQL scanning system. The alert, identified as CVE-2026-27124, is categorized under the `LanguageSpecificPackageVulnerability` rule and is currently in an open state, indicating it has not ...
The Lab · 2026-04-17 06:22:43 · GitHub Issues
A medium-severity security vulnerability, tracked as CVE-2026-39365, has been flagged as an open issue within the HexaKit repository on GitHub. The alert, generated by the CodeQL static analysis tool, indicates an active `LanguageSpecificPackageVulnerability` that has not yet been resolved. This finding is surfaced thr...
The Lab · 2026-05-11 14:10:29 · The Register
Checkmarx is battling a second supply-chain breach after detecting a compromised version of its Jenkins AST security plugin uploaded to the Jenkins Marketplace. The incident, discovered over the weekend of May 9, 2026, follows an earlier intrusion attributed to the TeamPCP threat group, raising fresh concerns about the...
The Lab · 2026-05-13 15:48:30 · GitHub Issues
Security scanning tools have detected four critical hardcoded secret vulnerabilities within the CogniCore project codebase, raising concerns over the exposure of API credentials and potential unauthorized access risks. The findings, reported through GitHub Issues, identify multiple instances where developers embedded s...