31 matches found
Malicious code in pyexecutorsme (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 326ad16be9056f6cbd75fa4f9a47dec8c3613b56aa53d3e5d439efeef7c6fcad Package attempts to download and execute a script acting as remote access trojan. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in legendevil1 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3188a850ecb974606264f28634afaca67ec2f49c1c759cf590aa39ba19e50452 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
Malicious code in runtimeutils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4d312906cc585fcd02b2ac0b52bb04a23b0294532e3625c7f5e27bf1e4b51e4a Importing the module downloads and starts a malicious executable identified as an infostealer. Based on Telegram links, this is related to the 2025-12-synium...
Malicious code in system-health-check-test-unique (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 10bfd6e986187675dd7d7e3a8f860807e408fd6a91694ca0e0128be83fa8fc47 Importing the module exfiltrates content of /var/www/html to a remote host --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in netbenchkit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fa328b263fd5f17449e326d05af9a5849a25d6c028d092e586097e95c4e1db59 Package imports and executes malicious synium package --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in pulsecord (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 025d4e33a2037fb9ad36cb4b08b122e4439bb4932b73ac6c6f403609e7e1c09e This package is prepared for silent execution of a malicious executable, with disabling AV protection. While there is no link to the malicious binary inside, t...
MAL-2025-191783 Malicious code in logguru (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...
Malicious code in discordhelper-ecr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 689b1c190dc23f0188a57cac218b8dd66c56ecb77478d9bdac584a8cd111bb9b Package exfiltrates Discord credentials to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in requtils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 58a7ebfdccf4fd67fac4e6a3c3183918f4682e004468286a5675622ae6fc35c5 Package attempts to automatically exfiltrate API keys --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-191810 Malicious code in pam98wyfupa98w (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 be7177fd2d56b518724377233ca5eda13a07f6252e400cfb4c1115db456b5fd8 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
Malicious code in d1n0-exploit-aaaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64210508ed5694fbb8abfa75dbca12a3f6a0ebc0b653866d6fd01de23cdc5170 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
Malicious code in db-aggregator-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aed54ed734902c1a5749b7861e2ad95cc2d8c71c78fa4b0167499f9a1b296f9f Importing the module downloads and starts an infostealer. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in speed-testing-nt (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dcfc1b92868e7f4eef0f4c0e901418a557089fe5269a1e4ef07725d397cddbb3 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
Malicious code in anothertestproject (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f9afc767fc8ba3416898082c5c16725f6006f89401be77366b8fdf487aeb51e5 Package contains a malicious executable and a function to start it. The executable is detected by AV and appears to be an infostealer --- Category: MALICIOUS -...
MAL-2025-191852 Malicious code in readosso (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 67ade73536cb4834ba05b33797c1cadcddbf7d90fc099bd6e53f94b9deec4f66 Package automatically starts a Discord bot waiting for instructions to download and start a remote executable --- Category: MALICIOUS - The campaign has clearl...
MAL-2025-191735 Malicious code in fromwherebitch (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 afc6e5261aea72f5412acfb599af497963496a824bdd8a9b943b2873cbd4c743 Importing the module downloads and executes widely recognized malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
MAL-2025-191938 Malicious code in xwormclient (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4a6c0b4ce2747e70d2e9f46f624188d4da6a70af3182e6e94b22de7446dc180c Importing the module downloads and executes widely recognized malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in fuckyoubitchbro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fbbf1ade5d81c12afb87a44117b27f76d2e4bfa91b578fc50dfb44a8bb79cabe Importing the module downloads and executes widely recognized malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...