The Lab · 2026-03-26 10:27:07 · GitHub Issues
A comprehensive security triage of the openzigs repository has exposed a critical vulnerability landscape, revealing a mix of high-severity CVEs, a prototype pollution flaw, and the mass dismissal of over 140 automated security warnings. The audit, conducted in March 2026, identified 7 actionable Dependabot alerts and ...
The Lab · 2026-03-27 04:27:04 · GitHub Issues
A critical security vulnerability, flagged by GitHub's automated CodeQL scanning, has been patched in the PICKL project. The flaw, classified as an "Indirect uncontrolled command line" injection, resided within the project's test runner script. This vulnerability created a pathway for attackers to potentially execute a...
The Lab · 2026-03-27 09:26:58 · GitHub Issues
A medium-severity security vulnerability has been automatically flagged in a public GitHub repository, exposing a potential resource leak in a core user management module. The automated CodeQL Security Analysis detected a 'py/file-not-closed' rule violation on line 55 of the `user_management.py` file within the 'The-Un...
The Lab · 2026-03-29 06:26:57 · GitHub Issues
A daily security health report from GitHub has flagged a high-severity vulnerability in a JavaScript codebase, marking the repository's overall security posture as 'Yellow.' The alert, generated by GitHub's native CodeQL analysis, centers on a single high-severity finding in a `test.js` file. This finding represents the on...
The Lab · 2026-04-02 04:27:04 · GitHub Issues
A scheduled security scan has flagged a critical vulnerability in the codebase. The CodeQL analysis tool identified a potential type confusion issue in the file `routes/search.ts` at line 22, assigning it a critical CVSS score of 9.8. The core of the warning is that a specific HTTP request parameter may be inte...
The Lab · 2026-04-02 04:27:05 · GitHub Issues
A scheduled security scan has flagged a high-severity client-side cross-site scripting (XSS) vulnerability within a core frontend component of the Juice Shop application. The automated CodeQL analysis identified the flaw in the `search-result.component.ts` file at line 151, assigning it a CVSS score of 7.8, indicating ...
The Lab · 2026-04-02 04:27:06 · GitHub Issues
A scheduled security scan has flagged a high-severity vulnerability in the OWASP Juice Shop project, a widely used web application security training platform. The automated CodeQL analysis identified a Polynomial Regular Expression Denial of Service (ReDoS) flaw within the `profileImageUrlUpload` route. With a CVSS sco...
The Lab · 2026-04-02 15:27:30 · GitHub Issues
A medium-severity security vulnerability, tracked as CVE-2025-59471, has been flagged by GitHub code scanning in the `agentapi-plusplus` repository. The alert was generated by the Trivy dependency scanner, not CodeQL, under the `LanguageSpecificPackageVulnerability` rule, and is currently in an open state. This alert ...
The Lab · 2026-04-02 15:27:32 · GitHub Issues
A critical security vulnerability, designated CVE-2025-55182, has been flagged by GitHub code scanning in the `agentapi-plusplus` repository. The alert was generated by the Trivy scanner, not CodeQL, and remains in an open state, indicating the identified flaw has not yet been remediated. This is not a rout...
The Lab · 2026-04-02 19:27:06 · GitHub Issues
A medium-severity vulnerability, tracked as CVE-2025-64340, has been flagged by GitHub code scanning within the `KooshaPari/phenotype-infrakit` repository. The alert, generated by the Trivy scanner rather than CodeQL, identifies a `LanguageSpecificPackageVulnerability` and remains in an open state, indicating the securi...
The Lab · 2026-04-02 19:27:08 · GitHub Issues
A high-severity security vulnerability, tracked as CVE-2026-31812, has been flagged by GitHub code scanning within the `heliosCLI` repository. The alert, generated by the Trivy security scanner rather than CodeQL, is currently in an open state, indicating the identified issue has not yet been resolved. This active detection plac...
The Lab · 2026-04-03 04:27:00 · GitHub Issues
A scheduled security scan has flagged a critical vulnerability in the codebase, raising immediate concerns about application integrity. The automated CodeQL analysis identified a potential type confusion flaw in the `lib/insecurity.ts` file, assigning it a critical CVSS score of 9.8. The finding, categorized as...
The Lab · 2026-04-04 04:26:54 · GitHub Issues
A scheduled security scan has flagged a high-severity vulnerability in the popular 'juice-shop' repository, identifying a path injection flaw with a CVSS score of 7.5. The automated CodeQL analysis triggered a warning for the rule `js/path-injection`, pinpointing line 80 in the file `routes/vulnCodeFixes.ts`. The core issue...
The Lab · 2026-04-05 04:26:51 · GitHub Issues
A scheduled security scan has flagged a high-severity vulnerability in the popular OWASP Juice-Shop project, a deliberately insecure web application used for security training. The automated CodeQL analysis identified an uncontrolled data path injection flaw in the `routes/quarantineServer.ts` file, carrying a CVSS score of...
The Lab · 2026-04-05 04:26:52 · GitHub Issues
A scheduled security scan has flagged a high-severity vulnerability in the popular OWASP Juice-Shop training application. The automated CodeQL analysis identified an uncontrolled data path injection flaw in the `profileImageUrlUpload.ts` route, carrying a CVSS score of 7.5. This finding points to a direct risk w...
The Lab · 2026-04-05 04:26:54 · GitHub Issues
An automated security scan has flagged a path injection vulnerability within the Juice Shop application's codebase. The CodeQL analysis, triggered on March 8, 2026, identified a high-severity flaw (CVSS 7.5) where user-provided data is used without proper validation in a path expression. This uncontrolled data...
The Lab · 2026-04-05 08:26:54 · GitHub Issues
A critical Regular Expression Denial of Service (ReDoS) vulnerability has been identified in PyThaiNLP's ULMFiT module, posing a direct threat of CPU exhaustion and potential service disruption. The flaw resides in the `replace_url` function's `URL_PATTERN` in `pythainlp/ulmfit/preprocess.py`. The vulnerability is not the...
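Both ReDoS entries in this feed (the polynomial ReDoS in Juice Shop's `profileImageUrlUpload` route and the `URL_PATTERN` in `pythainlp/ulmfit/preprocess.py`) concern URL-matching regexes. The following is an added example, not code from either project and not their actual patterns: a constructed, unanchored URL-stripping regex whose cost grows quadratically on a long dot-free token, beside a rewrite that removes the ambiguity. The regexes, the `replaceUrls` helper and the timing harness are all hypothetical.

```javascript
// Added example: polynomial ReDoS in an unanchored URL-stripping regex, the shape of
// bug behind CodeQL's js/polynomial-redos query. Constructed code; the patterns are
// hypothetical and are not PyThaiNLP's URL_PATTERN or Juice Shop's code.

// VULNERABLE: no anchor, and the leading class overlaps with the "\." that must follow
// it (the class contains "."). On a long run of letters with no dot the engine tries
// every start position and from each one scans to the end before failing: O(n^2).
const URL_RE_VULN = /[A-Za-z0-9.-]+\.[A-Za-z]{2,}(\/\S*)?/g;

// HARDENED: a match can only begin at "http://" or "https://", and the host class
// excludes the "/" separator that follows it, so there is nothing to backtrack over.
// Semantic change to be aware of: bare domains such as "example.com" are no longer matched.
const URL_RE_SAFE = /https?:\/\/[^\s/]+(\/\S*)?/g;

function replaceUrls(text, re) {
  return text.replace(re, 'xxurl');
}

// Wall-clock cost of one call, in milliseconds.
function timeMs(fn) {
  const t0 = process.hrtime.bigint();
  fn();
  return Number(process.hrtime.bigint() - t0) / 1e6;
}

// Attacker-controlled input: one "word" of n letters containing no dot, so the
// vulnerable pattern never matches and pays the full backtracking cost.
function hostileInput(n) {
  return 'a'.repeat(n);
}

// Runs both patterns over the hostile input; compare vulnMs and safeMs as n grows.
function demo(n = 20000) {
  const hostile = hostileInput(n);
  return {
    n,
    vulnMs: timeMs(() => replaceUrls(hostile, URL_RE_VULN)),
    safeMs: timeMs(() => replaceUrls(hostile, URL_RE_SAFE)),
    sample: replaceUrls('see http://example.com/a/b and https://x.org', URL_RE_SAFE),
  };
}

module.exports = { URL_RE_VULN, URL_RE_SAFE, replaceUrls, timeMs, hostileInput, demo };
```

Doubling `n` in `demo()` should roughly quadruple `vulnMs` while `safeMs` stays flat; that growth curve, not one absolute number, is the evidence to put in a bug report. If bare domains must still be matched, anchor on word boundaries and use a host class that excludes `.` so the dot can only be matched by the literal `\.`.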
The Lab · 2026-04-07 04:27:14 · GitHub Issues
A scheduled security scan has flagged a high-severity vulnerability in the Juice Shop project's key server routing logic. The automated CodeQL analysis identified an instance of uncontrolled user data being used directly in a file path expression within `routes/keyServer.ts` at line 14. This pattern, classified as a path in...
The Lab · 2026-04-07 11:27:20 · GitHub Issues
A high-severity security vulnerability, tracked as CVE-2026-32597, has been flagged by GitHub code scanning within the AgilePlus repository. The alert, generated by the Trivy tool rather than CodeQL, is currently in an open state, indicating an active and unaddressed risk in the codebase. This specific finding, categorized und...
The Lab · 2026-04-08 04:27:03 · GitHub Issues
A scheduled security scan has flagged a high-severity vulnerability in the popular 'juice-shop' project, identifying a path injection flaw in its file upload handler. The automated CodeQL analysis triggered a warning for the `js/path-injection` rule, pinpointing line 35 in `routes/fileUpload.ts` where user-provided data is ...