CRIT
MINED102[MINED102] Shell Injection Via F-string: Shell command built via f-string or .format with…
system/timed.py:22
CRIT
MINED018[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLo…
selfdrive/modeld/get_model_metadata.py:44
CRIT
MINED018[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLo…
selfdrive/modeld/dmonitoringmodeld.py:46
CRIT
MINED030[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__.
selfdrive/modeld/get_model_metadata.py:44
CRIT
MINED030[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__.
selfdrive/modeld/dmonitoringmodeld.py:33
CRIT
MINED030[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__.
selfdrive/debug/print_docs_diff.py:22
CRIT
SEC081[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marsh…
selfdrive/modeld/get_model_metadata.py:44
CRIT
SEC081[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marsh…
selfdrive/modeld/dmonitoringmodeld.py:33
CRIT
SEC081[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marsh…
selfdrive/debug/print_docs_diff.py:22
CRIT
MINED107Missing import: `platform` used but not imported
tools/cabana/dbc/generate_dbc_json.py:14
CRIT
MINED107Missing import: `http` used but not imported
system/hardware/tici/lpa.py:418
CRIT
MINED107Missing import: `stat` used but not imported
system/loggerd/uploader.py:190
CRIT
MINED107Missing import: `struct` used but not imported
cereal/messaging/__init__.py:38
CRIT
MINED107Missing import: `platform` used but not imported
selfdrive/debug/print_flags.py:7
CRIT
MINED107Missing import: `stat` used but not imported
system/proclogd.py:87
CRIT
private-keyIdentified a Private Key, which may compromise cryptographic security and sensitive data …
system/hardware/tici/id_rsa:1
CRIT
MINED116Workflow uses `secrets.CI_ARTIFACTS_DEPLOY_KEY` on a `pull_request` trigger
.github/workflows/tests.yaml:163
CRIT
MINED116Workflow uses `secrets.OPENPILOT_DOCS_KEY` on a `pull_request` trigger
.github/workflows/docs.yaml:41
HIGH
SEC085[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived in…
tools/jotpluggler/math_eval.py:49
HIGH
SEC085[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived in…
tools/cabana/tools/findsignal.cc:277
HIGH
SEC085[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived in…
tools/cabana/detailwidget.cc:111
HIGH
SEC080[SEC080] Python: tarfile.extractall without filter: tarfile.extract*() without filter='da…
system/updated/casync/tar.py:38
HIGH
SEC114[SEC114] path.join / Path() on user-controlled segment without containment check: filepat…
system/manager/helpers.py:57
HIGH
MINED034[MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command inje…
system/tombstoned.py:40
HIGH
MINED034[MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command inje…
system/timed.py:22
HIGH
MINED034[MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command inje…
system/hardware/tici/agnos.py:267
HIGH
SEC078[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang …
system/ubloxd/pigeond.py:47
HIGH
SEC103[SEC103] LDAP injection — non-constant search filter: User input concatenated into an LDA…
selfdrive/ui/translations/potools.py:301
HIGH
MINED021[MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can co…
selfdrive/modeld/get_model_metadata.py:51
HIGH
MINED006[MINED006] Overcatch Baseexception: except BaseException: ... — prevents Ctrl+C and Syste…
selfdrive/debug/uiview.py:33
HIGH
MINED006[MINED006] Overcatch Baseexception: except BaseException: ... — prevents Ctrl+C and Syste…
selfdrive/debug/check_timings.py:28
HIGH
MINED006[MINED006] Overcatch Baseexception: except BaseException: ... — prevents Ctrl+C and Syste…
selfdrive/debug/can_print_changes.py:63
HIGH
SEC035[SEC035] Unbounded Resource Allocation — DoS risk: Allocating resources (buffers, recursi…
tools/lateral_maneuvers/lateral_maneuve…:93
HIGH
SEC035[SEC035] Unbounded Resource Allocation — DoS risk: Allocating resources (buffers, recursi…
tools/joystick/joystickd.py:19
HIGH
SEC035[SEC035] Unbounded Resource Allocation — DoS risk: Allocating resources (buffers, recursi…
selfdrive/controls/plannerd.py:16
HIGH
MINED004[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).
scripts/ci_results.py:75
HIGH
SEC029[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTT…
selfdrive/ui/widgets/pairing_dialog.py:31
HIGH
SEC029[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTT…
selfdrive/ui/mici/widgets/pairing_dialo…:29
HIGH
SEC029[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTT…
scripts/ci_results.py:66
HIGH
MINED036[MINED036] Python Os System Call: os.system() invokes shell with no escaping.
system/hardware/tici/agnos.py:281
HIGH
MINED036[MINED036] Python Os System Call: os.system() invokes shell with no escaping.
selfdrive/ui/layouts/settings/software.…:161
HIGH
MINED036[MINED036] Python Os System Call: os.system() invokes shell with no escaping.
common/utils.py:40
HIGH
MINED017[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic.
tools/jotpluggler/util.cc:30
HIGH
MINED017[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic.
selfdrive/ui/installer/installer.cc:79
HIGH
MINED017[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic.
common/util.h:100
HIGH
MINED009[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of D…
common/spinner.py:27
HIGH
MINED001[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows e…
common/timeout.py:3
HIGH
MINED001[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows e…
common/spinner.py:24
HIGH
MINED001[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows e…
common/prefix.py:40
HIGH
SEC128[SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call …
common/logging_extra.py:157
HIGH
SEC128[SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call …
common/filter_simple.py:30
HIGH
SEC128[SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call …
common/api.py:38
HIGH
MINED108`self.stream` used but never assigned in __init__
common/swaglog.py:56
HIGH
MINED108`self.stream` used but never assigned in __init__
common/swaglog.py:51
HIGH
MINED108`self.encoding` used but never assigned in __init__
common/swaglog.py:37
HIGH
MINED108`self.mode` used but never assigned in __init__
common/swaglog.py:37
HIGH
MINED108`self._smbus_access` used but never assigned in __init__
common/i2c.py:78
HIGH
MINED108`self._set_address` used but never assigned in __init__
common/i2c.py:72
HIGH
MINED108`self._smbus_access` used but never assigned in __init__
common/i2c.py:69
HIGH
MINED108`self._set_address` used but never assigned in __init__
common/i2c.py:66
HIGH
MINED108`self._smbus_access` used but never assigned in __init__
common/i2c.py:62
HIGH
MINED108`self._set_address` used but never assigned in __init__
common/i2c.py:60
HIGH
MINED108`self.close` used but never assigned in __init__
common/i2c.py:44
HIGH
MINED108`self.close` used but never assigned in __init__
common/text_window.py:43
HIGH
MINED108`self.close` used but never assigned in __init__
common/text_window.py:40
HIGH
MINED108`self.get_status` used but never assigned in __init__
common/text_window.py:35
HIGH
MINED108`self.reader` used but never assigned in __init__
scripts/reporter.py:21
HIGH
MINED108`self._parse_StringStringEntryProto` used but never assigned in __init__
scripts/reporter.py:19
HIGH
MINED108`self.reader` used but never assigned in __init__
scripts/reporter.py:16
HIGH
MINED108`self._parse_message` used but never assigned in __init__
scripts/reporter.py:16
HIGH
MINED108`self.git_normalized_origin` used but never assigned in __init__
system/version.py:82
HIGH
MINED108`self.update` used but never assigned in __init__
system/micd.py:111
HIGH
MINED108`self.get_stream` used but never assigned in __init__
system/micd.py:108
HIGH
MINED108`self.callback` used but never assigned in __init__
system/micd.py:102
HIGH
MINED108`self._send` used but never assigned in __init__
system/statsd.py:60
HIGH
MINED108`self._send` used but never assigned in __init__
system/statsd.py:55
HIGH
MINED108`self.connect` used but never assigned in __init__
system/statsd.py:46
HIGH
DKR001Docker final stage runs as root
Dockerfile.openpilot:37
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/tests.yaml:201
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v4`
.github/workflows/tests.yaml:160
HIGH
MINED115Action `actions/upload-artifact` pinned to mutable ref `@v6`
.github/workflows/tests.yaml:152
HIGH
MINED115Action `actions/upload-artifact` pinned to mutable ref `@v6`
.github/workflows/tests.yaml:145
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/tests.yaml:128
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/tests.yaml:105
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/tests.yaml:88
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/tests.yaml:68
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/tests.yaml:38
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/docs.yaml:37
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/docs.yaml:24
HIGH
MINED115Action `commaai/timeout` pinned to mutable ref `@v1`
.github/workflows/docs.yaml:23
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/model_review.yaml:23
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/model_review.yaml:19
HIGH
MINED115Action `actions/stale` pinned to mutable ref `@v10`
.github/workflows/stale.yaml:37
HIGH
MINED115Action `actions/stale` pinned to mutable ref `@v10`
.github/workflows/stale.yaml:16
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/repo-maintenance.yaml:17
HIGH
MINED115Action `thollander/actions-comment-pull-request` pinned to mutable ref `@v2`
.github/workflows/diff_report.yaml:40
HIGH
MINED115Action `dawidd6/action-download-artifact` pinned to mutable ref `@v6`
.github/workflows/diff_report.yaml:29
HIGH
MINED115Action `lewagon/wait-on-check-action` pinned to mutable ref `@v1.3.4`
.github/workflows/diff_report.yaml:20
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v4`
.github/workflows/release.yaml:25
HIGH
MINED115Action `actions/github-script` pinned to mutable ref `@v8`
.github/workflows/jenkins-pr-trigger.ya…:89
HIGH
MINED115Action `actions/checkout` pinned to mutable ref `@v6`
.github/workflows/jenkins-pr-trigger.ya…:75
HIGH
MINED115Action `actions/github-script` pinned to mutable ref `@v8`
.github/workflows/jenkins-pr-trigger.ya…:55
HIGH
MINED115Action `actions/github-script` pinned to mutable ref `@v8`
.github/workflows/jenkins-pr-trigger.ya…:14
HIGH
MINED118Dockerfile FROM `ubuntu:24.04` not pinned by digest
Dockerfile.openpilot:1
HIGH
SEC013[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file pat…
selfdrive/ui/installer/installer.cc:216
HIGH
SEC013[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file pat…
selfdrive/modeld/helpers.py:11
HIGH
SEC013[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file pat…
selfdrive/car/card.py:122
HIGH
SEC005[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.
system/ui/tici_reset.py:48
HIGH
SEC005[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.
system/ui/mici_reset.py:109
MED
SEC045[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even …
tools/cabana/streams/replaystream.cc:147
MED
SEC045[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even …
tools/cabana/detailwidget.cc:111
MED
SEC045[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even …
tools/cabana/cabana.cc:87
MED
SEC012[SEC012] ZipSlip — Archive Path Traversal: Archive extraction without path validation all…
tools/plotjuggler/juggle.py:62
MED
SEC012[SEC012] ZipSlip — Archive Path Traversal: Archive extraction without path validation all…
system/updated/casync/tar.py:38
MED
SEC136[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all excepti…
system/hardware/tici/iwlist.py:20
MED
SEC127[SEC127] AI agent stub — TODO: implement / pass placeholder body: Function body left as T…
system/sensord/sensors/i2c_sensor.py:41
MED
SEC127[SEC127] AI agent stub — TODO: implement / pass placeholder body: Function body left as T…
system/hardware/base.py:157
MED
SEC127[SEC127] AI agent stub — TODO: implement / pass placeholder body: Function body left as T…
selfdrive/locationd/helpers.py:94
MED
SEC041[SEC041] Tabnabbing — target="_blank" without rel="noopener noreferrer": <a target="_blan…
selfdrive/debug/print_docs_diff.py:13
MED
SEC007[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.
selfdrive/modeld/get_model_metadata.py:44
MED
SEC007[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.
selfdrive/modeld/dmonitoringmodeld.py:33
MED
SEC007[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.
selfdrive/debug/print_docs_diff.py:22
MED
ERR001[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even…
selfdrive/ui/mici/layouts/settings/fire…:65
MED
ERR001[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even…
selfdrive/modeld/helpers.py:24
MED
ERR001[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even…
selfdrive/car/card.py:126
MED
MINED111Bare except continues silently
system/ui/mici_updater.py:175
MED
MINED111Bare except continues silently
system/webrtc/webrtcd.py:378
MED
MINED111Bare except continues silently
system/loggerd/uploader.py:187
MED
MINED111Bare except continues silently
system/qcomgpsd/nmeaport.py:116
MED
MINED111Bare except continues silently
system/updated/updated.py:90
MED
MINED111Bare except continues silently
system/hardware/base.py:117
MED
MINED111Bare except continues silently
selfdrive/ui/widgets/ssh_key.py:66
MED
MINED111Bare except continues silently
selfdrive/debug/max_lat_accel.py:93
MED
MINED111Bare except continues silently
selfdrive/debug/filter_log_message.py:41
MED
MINED111Bare except continues silently
common/gpio.py:37
MED
MINED111Bare except continues silently
common/gpio.py:25
MED
MINED111Bare except continues silently
common/gpio.py:17
MED
MINED111Bare except continues silently
common/gpio.py:10
MED
MINED111Bare except continues silently
common/utils.py:263
MED
MINED111Bare except continues silently
common/utils.py:52
MED
AUC001[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks…
—
MED
GHSA-jg22-mg44-37j8aiohttp: GHSA-jg22-mg44-37j8
uv.lock
MED
GHSA-hg6j-4rv6-33pgaiohttp: GHSA-hg6j-4rv6-33pg
uv.lock
MED
WEB003Public web service has no security.txt
.well-known/security.txt
MED
AIC004Suspicious implementation file appears unreferenced
selfdrive/debug/live_cpu_and_temp.py:1
MED
DKR014Dockerfile copies broad context with incomplete .dockerignore
Dockerfile.openpilot:29
MED
AGT012Agent control bridge may listen on a network interface without visible auth
system/webrtc/webrtcd.py:12
MED
SEC005[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.
common/utils.py:40
LOW
SEC124[SEC124] TOCTOU file access (os.access then open): Check-then-use file pattern (access/ex…
tools/scripts/extract_audio.py:39
LOW
COMP001[COMP001] High cognitive complexity: Function `update_msgs` has cognitive complexity 8 (S…
cereal/messaging/__init__.py:214
LOW
COMP001[COMP001] High cognitive complexity: Function `recv_sock` has cognitive complexity 8 (Son…
cereal/messaging/__init__.py:64
LOW
COMP001[COMP001] High cognitive complexity: Function `__init__` has cognitive complexity 11 (Son…
cereal/messaging/__init__.py:151
LOW
AIC003Duplicated implementation block across source files
tools/cabana/panda.h:1
LOW
AIC003Duplicated implementation block across source files
system/ui/tici_setup.py:276
LOW
AIC003Duplicated implementation block across source files
system/ui/lib/multilang.py:43
LOW
AIC003Duplicated implementation block across source files
system/sensord/sensors/lsm6ds3_gyro.py:23
LOW
AIC003Duplicated implementation block across source files
selfdrive/ui/onroad/model_renderer.py:10
LOW
AIC003Duplicated implementation block across source files
selfdrive/ui/onroad/cameraview.py:11
LOW
AIC003Duplicated implementation block across source files
selfdrive/ui/onroad/augmented_road_view…:78
LOW
AIC003Duplicated implementation block across source files
selfdrive/ui/onroad/alert_renderer.py:70
LOW
AIC003Duplicated implementation block across source files
selfdrive/selfdrived/selfdrived.py:405
LOW
AIC003Duplicated implementation block across source files
selfdrive/debug/read_dtc_status.py:10
LOW
DKR008.dockerignore misses sensitive defaults
.dockerignore
LOW
AIC002Source file name looks like an AI patch artifact
system/sensord/sensors/lsm6ds3_temp.py:1
LOW
AIC002Source file name looks like an AI patch artifact
selfdrive/debug/live_cpu_and_temp.py:1
INFO
MINED055[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versi…
tools/profiling/palanteer/setup.sh:10
INFO
MINED044[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger …
tools/bodyteleop/static/js/webrtc.js:34
INFO
MINED079[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) — off-…
system/ui/widgets/inputbox.py:180
INFO
MINED043[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr…
tools/replay/filereader.cc:7
INFO
MINED043[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr…
tools/bodyteleop/web.py:63
INFO
MINED043[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr…
system/ubloxd/glonass.py:3
INFO
MINED067[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang f…
system/loggerd/uploader.py:159
INFO
MINED067[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang f…
system/hardware/tici/agnos.py:25
INFO
MINED067[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang f…
selfdrive/ui/widgets/ssh_key.py:56
INFO
MINED062[MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
selfdrive/ui/onroad/driver_state.py:39
INFO
MINED064[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
tools/scripts/extract_audio.py:40
INFO
MINED064[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
system/hardware/esim.py:57
INFO
MINED064[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
selfdrive/debug/car/hyundai_enable_rada…:94
INFO
MINED047[MINED047] Emoji In Source: Emoji ✅ ❌ 🚀 in code/comments — common AI output unless explic…
system/ui/widgets/keyboard.py:54
INFO
MINED047[MINED047] Emoji In Source: Emoji ✅ ❌ 🚀 in code/comments — common AI output unless explic…
selfdrive/assets/fonts/process.py:13
INFO
MINED072[MINED072] Python Pass Only Class: class Foo: pass — stub waiting to be filled in.
system/hardware/base.py:10
INFO
MINED072[MINED072] Python Pass Only Class: class Foo: pass — stub waiting to be filled in.
selfdrive/ui/mici/layouts/settings/fire…:223
INFO
MINED072[MINED072] Python Pass Only Class: class Foo: pass — stub waiting to be filled in.
common/timeout.py:3
INFO
MINED077[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.
system/manager/process.py:234
INFO
MINED077[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.
common/utils.py:120
INFO
MINED077[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.
common/swaglog.py:37
INFO
MINED050[MINED050] Stub Only Function: Function declared but body is just pass, return None, rais…
common/spinner.py:25
INFO
MINED050[MINED050] Stub Only Function: Function declared but body is just pass, return None, rais…
common/prefix.py:41
INFO
MINED050[MINED050] Stub Only Function: Function declared but body is just pass, return None, rais…
common/markdown.py:23
INFO
MINED075[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking fo…
cereal/messaging/socketmaster.cc:62
INFO
MINED042[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr — memory leak ri…
system/loggerd/encoderd.cc:83
INFO
MINED042[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr — memory leak ri…
system/loggerd/encoder/encoder.cc:9
INFO
MINED042[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr — memory leak ri…
cereal/messaging/bridge.cc:34
