Browse all 15 CVE security advisories affecting Snyk. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Snyk specializes in developer security tools, focusing on identifying and fixing vulnerabilities in open source dependencies and container images. Historically, the platform has commonly detected remote code execution, cross-site scripting, and privilege escalation flaws across various libraries and frameworks. While Snyk maintains a relatively low CVE count compared to larger vendors, its security model emphasizes early detection in the development lifecycle. The company has faced criticism for potential false positives in scanning results, though no major security incidents have been publicly attributed to the platform itself. Its approach prioritizes integration with existing development workflows rather than standalone security enforcement.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-21571 | Snyk Code Agent 安全漏洞 — Code AgentCWE-94 | 8.1 | High | 2024-12-06 |
| CVE-2024-48963 | Snyk CLI 安全漏洞 — Snyk CliCWE-78 | 7.5 | High | 2024-10-23 |
| CVE-2024-48964 | Snyk CLI 安全漏洞 — Snyk CliCWE-78 | 7.5 | High | 2024-10-23 |
| CVE-2023-1767 | Snyk Advisor 跨站脚本漏洞 — Snyk AdvisorCWE-79 | 4.3 | Medium | 2023-04-20 |
| CVE-2023-1065 | Snyk kubernetes-monitor 授权问题漏洞 — Snyk Kubernetes MonitorCWE-287 | 6.5 | Medium | 2023-02-28 |
| CVE-2019-10797 | transport-http 注入漏洞 — WSO2 transport-http | 6.5 | - | 2020-02-19 |
| CVE-2019-10791 | promise-probe 操作系统命令注入漏洞 — promise-probe | 9.8 | - | 2020-02-18 |
| CVE-2019-10793 | dot-object 注入漏洞 — dot-object | 6.3 | - | 2020-02-18 |
| CVE-2019-10792 | bodymen 注入漏洞 — bodymen | 6.3 | - | 2020-02-18 |
| CVE-2019-10795 | undefsafe 注入漏洞 — undefsafe | 6.3 | - | 2020-02-18 |
| CVE-2019-10794 | component-flatten 注入漏洞 — component-flatten | 6.3 | - | 2020-02-18 |
| CVE-2019-10781 | schema-inspector 安全漏洞 — schema-inspector | 9.4 | - | 2020-01-22 |
| CVE-2019-10760 | safer-eval 代码注入漏洞 — safer-eval | 9.9 | - | 2019-10-15 |
| CVE-2019-10759 | safer-eval 代码注入漏洞 — safer-eval | 9.9 | - | 2019-10-15 |
| CVE-2019-10744 | lodash 安全漏洞 — lodash | 8.2 | - | 2019-07-25 |
This page lists every published CVE security advisory associated with Snyk. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.