omni-cortex 1.0.10 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the omni-cortex package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Improper Neutralization of Input Used for LLM Prompting omni-cortex is a Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time Affected versions of this package are vulnerable to Improper Neutralization of Input Used for LLM Prompting. LLM prompt construction fails to sanitize user-controlled input, leading to attackers being able to manipulate AI model responses and bypass intended system instructions through specially crafted input that alters the prompt context. How to fix Improper Neutralization of Input Used for LLM Prompting? Upgrade `omni-cortex` to version 1.4.0 or higher.	[,1.4.0)
M Insertion of Sensitive Information into Log File omni-cortex is a Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File. Activity logging fails to redact sensitive fields before writing to log files, leading to credentials, API tokens, passwords, and private user data being exposed in plain-text logs accessible to system administrators or attackers with log file access. How to fix Insertion of Sensitive Information into Log File? Upgrade `omni-cortex` to version 1.4.0 or higher.	[,1.4.0)
M Cross-site Request Forgery (CSRF) omni-cortex is a Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). The CORS configuration allows wildcard HTTP methods and headers, leading to malicious websites being able to make unauthorized cross-origin requests to API endpoints and perform actions on behalf of authenticated users. How to fix Cross-site Request Forgery (CSRF)? Upgrade `omni-cortex` to version 1.4.0 or higher.	[,1.4.0)
M Directory Traversal omni-cortex is a Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time Affected versions of this package are vulnerable to Directory Traversal. File operations fail to validate file path parameters against directory traversal sequences, leading to attackers being able to read or write arbitrary files outside the intended root directory by submitting requests containing path traversal sequences. How to fix Directory Traversal? Upgrade `omni-cortex` to version 1.4.0 or higher.	[,1.4.0)

Vulnerability

Vulnerable Version

Improper Neutralization of Input Used for LLM Prompting

omni-cortex is a Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time

Affected versions of this package are vulnerable to Improper Neutralization of Input Used for LLM Prompting. LLM prompt construction fails to sanitize user-controlled input, leading to attackers being able to manipulate AI model responses and bypass intended system instructions through specially crafted input that alters the prompt context.

How to fix Improper Neutralization of Input Used for LLM Prompting?

Upgrade omni-cortex to version 1.4.0 or higher.

[,1.4.0)

Insertion of Sensitive Information into Log File

omni-cortex is a Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time

Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File. Activity logging fails to redact sensitive fields before writing to log files, leading to credentials, API tokens, passwords, and private user data being exposed in plain-text logs accessible to system administrators or attackers with log file access.

How to fix Insertion of Sensitive Information into Log File?

Upgrade omni-cortex to version 1.4.0 or higher.

[,1.4.0)

Cross-site Request Forgery (CSRF)

omni-cortex is a Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time

Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). The CORS configuration allows wildcard HTTP methods and headers, leading to malicious websites being able to make unauthorized cross-origin requests to API endpoints and perform actions on behalf of authenticated users.

How to fix Cross-site Request Forgery (CSRF)?

Upgrade omni-cortex to version 1.4.0 or higher.

[,1.4.0)

Directory Traversal

omni-cortex is a Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time

Affected versions of this package are vulnerable to Directory Traversal. File operations fail to validate file path parameters against directory traversal sequences, leading to attackers being able to read or write arbitrary files outside the intended root directory by submitting requests containing path traversal sequences.

How to fix Directory Traversal?

Upgrade omni-cortex to version 1.4.0 or higher.

[,1.4.0)

omni-cortex@1.0.10 vulnerabilities

Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically