igbuend/grimbard/open-cors-anti-pattern
Security anti-pattern for open Cross-Origin Resource Sharing (CORS) policies (CWE-942). Use when generating or reviewing server configurations, API backends, or any code that sets CORS headers. Detects overly permissive Access-Control-Allow-Origin headers, including wildcard, null origin, and reflected origin.
Risk Score
0
out of 100
Popularity
3
Stars
1
Forks
Feb 12, 2026
Updated
Findings by Severity (Latest Scan)
CodeThreat AppSec
Full SAST + SCA agentic security analysis for MCP servers and Skills.