3 matches found
CVE-2026-53842
OpenClaw before 2026.5.2 contains an environment variable injection vulnerability allowing workspace .env files to influence Python runtime selection through CLOUDSDKPYTHON during Gmail setup gcloud execution. Attackers with repository access can manipulate the CLOUDSDKPYTHON variable to execute...
Malicious code in tencent-cloud-python-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security bf236cca18e4d157a57cd3de7abed8ad967103c42b9ae53f5026174af46b64a4 Attack targeted at users of Alibaba, AWS and Telegram via malicious packages published to PyPI. The malicious code was hidden in strategic...
MAL-2023-8370 Malicious code in tencent-cloud-python-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security bf236cca18e4d157a57cd3de7abed8ad967103c42b9ae53f5026174af46b64a4 Attack targeted at users of Alibaba, AWS and Telegram via malicious packages published to PyPI. The malicious code was hidden in strategic...