ROOT-APP-PYPI-GHSA-MV93-W799-CJ2W GHSA-mv93-w799-cj2w in rootio-GitPython - Patched by Root

Root has patched GHSA-mv93-w799-cj2w in the rootio-GitPython package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-34525 CVE-2026-34525 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-34525 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-34516 CVE-2026-34516 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-34516 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-34514 CVE-2026-34514 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-34514 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-22701 CVE-2026-22701 in rootio-filelock - Patched by Root

Root has patched CVE-2026-22701 in the rootio-filelock package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-68146 CVE-2025-68146 in rootio-filelock - Patched by Root

Root has patched CVE-2025-68146 in the rootio-filelock package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-42284 CVE-2026-42284 in rootio-GitPython - Patched by Root

Root has patched CVE-2026-42284 in the rootio-GitPython package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-44244 CVE-2026-44244 in rootio-GitPython - Patched by Root

Root has patched CVE-2026-44244 in the rootio-GitPython package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-68131 CVE-2025-68131 in rootio-cbor2 - Patched by Root

Root has patched CVE-2025-68131 in the rootio-cbor2 package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-GHSA-VP47-9734-PRJW GHSA-vp47-9734-prjw in rootio-asteval - Patched by Root

Root has patched GHSA-vp47-9734-prjw in the rootio-asteval package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-21226 CVE-2026-21226 in rootio-azure-core - Patched by Root

Root has patched CVE-2026-21226 in the rootio-azure-core package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-62611 CVE-2025-62611 in rootio-aiomysql - Patched by Root

Root has patched CVE-2025-62611 in the rootio-aiomysql package for Root:PyPI. Multiple fixed versions available...

Malicious code in spaysrbdata (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2d461e4f26b3a0fb04120613c34e74745f6d63ce83abe98c40e470c527921501 The package exfiltrates Roblox cookies from the victim machine. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaig...

Malicious code in lib-1779997093-yjeeqn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 adfe3f8b85f731f407f8da6669a76b821b042e4ea1f2fd8fcfddf3293c2ca697 During installation, the package opens a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2026-4747 Malicious code in edison-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c151a181047e12f1de0e91b1923861446b04558028d518e30df1767ccc85def7 At pip install time, setup.py reads the EDISONQUERY environment variable from the installer's environment and POSTs it to...

ROOT-APP-PYPI-CVE-2024-12797 CVE-2024-12797 in rootio-cryptography - Patched by Root

Root has patched CVE-2024-12797 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...

MAL-2026-4272 Malicious code in env-loader-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1749501a0825ad4a98638bbab4bd2bd9550436adcb9bb7781b6552735f7f3eb0 The package advertises itself as a benign.env/JSON/YAML loader but its top-level init.py imports a hidden core module that, on every import envloader...

MAL-2026-4269 Malicious code in mistral-evals (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f79806b5d197ed3b6beeedfb7092ad6da36d1d186ad57dc12be0b030c63726c9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in pypi-build-verifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43a9aa0e00091b0758de27e4e5708a572d91bcada3757f4ce7bc1a0b17cb2965 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4245 Malicious code in pypi-build-verifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43a9aa0e00091b0758de27e4e5708a572d91bcada3757f4ce7bc1a0b17cb2965 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...