AI Threat Alert
OpenAI Node Vulnerabilities
npm LLM APIs 34
Risk Score
6
Total CVEs
1
Critical
npm
Ecosystem
May 5, 2026
Last CVE
50%
Patch Rate
0d
Avg Time to Patch
10,905 stars
1,485 forks
245 issues
3,663 dependents
Last push May 15, 2026
View on GitHub
Known Vulnerabilities (6 total, page 1 of 1)
Severity CVE ID Summary CVSS Published
MEDIUM CVE-2026-42045 LobeChat: XSS-to-RCE via exposed Electron IPC 6.2 May 5, 2026 HIGH GHSA-w8hx-hqjv-vjcq Paperclip: RCE via workspace runtime command injection 7.3 Apr 16, 2026 HIGH GHSA-gqqj-85qm-8qhf paperclipai: connector trust bypass enables Gmail read/write 8.7 Apr 16, 2026 LOW GHSA-r7w7-9xr2-qq2r langchain-openai: SSRF DNS rebinding, blind network probe 3.1 Apr 16, 2026 CRITICAL CVE-2025-61260 OpenAI Codex CLI: RCE via malicious MCP config files 9.8 Apr 14, 2026 MEDIUM CVE-2026-39411 LobeChat: auth bypass via forged XOR obfuscated header 5.0 Apr 8, 2026 Monitor OpenAI Node in your stack
Get instant alerts when new vulnerabilities affect OpenAI Node. CISO analysis, ATLAS technique mappings, and compliance reports included.
Start Monitoring