Lucene search
+L

15 matches found

ossf
ossf
added 2026/06/08 10:18 a.m.13 views

Malicious code in openai-mcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c30f8b1a160c72529e2671b81be13ea671302e9bc3915ee84bd2212e0fdd5a3 The package name and module structure impersonate the official openai Python SDK the package even rewrites exported classes' module attribute to...

5.6AI score
Exploits0References6
osv
osv
added 2026/06/08 10:18 a.m.13 views

MAL-2026-5320 Malicious code in openai-mcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c30f8b1a160c72529e2671b81be13ea671302e9bc3915ee84bd2212e0fdd5a3 The package name and module structure impersonate the official openai Python SDK the package even rewrites exported classes' module attribute to...

5.6AI score
Exploits0References6
osv
osv
added 2026/06/08 7:54 a.m.12 views

MAL-2026-5305 Malicious code in tlask (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae87e0c65760999b8ff4e28d11505b15a71a1a46dd8d761122e3d9d8e2cd85b6 The package is published as 'tlask', a single-character edit of the widely used 'flask' package on PyPI. Metadata and module contents are copied...

6.2AI score
Exploits0References7
ossf
ossf
added 2026/06/08 7:52 a.m.15 views

Malicious code in rsquests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2041887c315474d0722cbf717e189ec1260e209c5f00da5ca3a52a60c6aebb2 The package name rsquests is a single-character insertion typo of the top-100 PyPI package requests. Package metadata and source are a verbatim copy ...

6AI score
Exploits0References7
ossf
ossf
added 2026/06/06 6:13 a.m.13 views

Malicious code in phenopacket-store-toolkit (PyPI)

The package phenopacket-store-toolkit version 0.1.7 contains a malicious .pth file phenopacketstoretoolkit-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release...

6AI score
Exploits0References7
ossf
ossf
added 2026/06/06 6:13 a.m.22 views

Malicious code in dynamo-release (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4e35bea632f7363e7a1cc6ccbfb9227eca2c4720b0a689edc1bc3ce64c9d85c Versions 1.5.4 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...

5.5AI score
Exploits0References5
ossf
ossf
added 2026/06/06 6:13 a.m.14 views

Malicious code in instructor-mcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db8a103a73261cd6de8f763fa639d1bd148124ca661893e9d3ab73cd76ab50b instructor-mcp 1.15.2 is a typosquat of the legitimate instructor PyPI library it copies the same author names, README, and repository URL...

5.6AI score
Exploits0References6
ossf
ossf
added 2026/06/06 6:13 a.m.21 views

Malicious code in coolbox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c55bfdad112134e980af7568a9138be1e4b940f7bfbeebad2b0f85d9337a0f44 The wheel installs coolbox-setup.pth, a Python path-configuration file that Python auto-loads at every interpreter startup any python invocation...

5.6AI score
Exploits0References6
osv
osv
added 2026/06/06 6:13 a.m.10 views

MAL-2026-5324 Malicious code in pyphetools (PyPI)

The package pyphetools version 0.9.120 contains a malicious .pth file pyphetools-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an obfuscate...

6.1AI score
Exploits0References7
ossf
ossf
added 2026/06/06 6:13 a.m.13 views

Malicious code in synago (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3e1bae7957cb735edd8424c1d2efe54b597c3a484ba77c9239e9ff8ec06327f The package installs synago-setup.pth, which Python auto-executes on every interpreter startup not only on import synago. The.pth contains an...

5.8AI score
Exploits0References6
osv
osv
added 2026/06/06 6:13 a.m.14 views

MAL-2026-5282 Malicious code in mrbios (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d1c97dced5d8f917e2e9901e0ed99fb0034bfafb5a3d46ad47eeba76a883c57 The package installs mrbios-setup.pth into site-packages. Python auto-loads.pth files at every interpreter startup, so the contained payload runs...

6.2AI score
Exploits0References7
ossf
ossf
added 2026/06/06 6:13 a.m.15 views

Malicious code in pyphetools (PyPI)

The package pyphetools version 0.9.120 contains a malicious .pth file pyphetools-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an obfuscate...

6AI score
Exploits0References7
osv
osv
added 2026/06/06 6:13 a.m.19 views

MAL-2026-5300 Malicious code in funcdesc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a5756a79331cdda67721e39889609f5c0b5e342b678dbce2de97c94ec2dbe29 The package installs funcdesc-setup.pth, which Python auto-executes at interpreter startup for any environment where this package is installed. The.p...

6.3AI score
Exploits0References7
osv
osv
added 2026/06/06 6:13 a.m.11 views

MAL-2026-5321 Malicious code in orchestr8-platform (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d9526ae43236ac15964b307175384455975ace26d8157ef3c41ed8db8192562 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6.1AI score
Exploits0References5
osv
osv
added 2026/06/01 12:0 a.m.28 views

MAL-2026-5143 Malicious code in @redhat-cloud-services/javascript-clients-shared (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

6.2AI score
Exploits0References2
Rows per page
Query Builder