Aigent.ly

Threat Intelligence

Live CVE feed

136 threats tracked across 6 launch stacks — sourced from NVD, GHSA, CISA KEV, and OSV.

Stack exposure — click to filter✕ Clear stack filter
Next.js
3crit/37high
Express / Node.js
6crit/15high
FastAPI / Python
2crit/8high
NestJS
0crit/12high
Nuxt
2crit/15high
React SPA
0crit/20high
AllCritical + HighCriticalHighMediumLow
2threats · FastAPI / Python · Critical
Get guardrails →
CriticalCVE-2024-33663
2 rules

python-jose algorithm confusion with OpenSSH ECDSA keys

python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.

OWASP A02OWASP WEB
Get guardrail →
CriticalCVE-2025-3248
2 rules

FastAPI unauthenticated RCE via code eval endpoint (Langflow)

FastAPI app executed arbitrary Python via /api/v1/validate/code without authentication. Actively exploited in wild.

OWASP A03OWASP A07OWASP WEB
Get guardrail →

Showing 12 of 2 threats