13250 matches found
MAL-2026-2821 Malicious code in robase-quick-install (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f69377c01d5c0980cb9bf905be35133e5cd077e7c64c577460dc06e3871c2d9e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
3m (>=0.1.0 <=0.1.3), a2d-diary (>=0.1.0 <=0.1.5) +1779 more potentially affected by CVE-2026-41312 via pypdf2 (>=1.24.0 <=3.0.1)
pypdf2 PYPI version =1.24.0, =0.1.0, =0.1.0, =1.1.0, =0.0.0.1, =0.0.1, =0.0.0.1, =0.0.0.1, =0.0.0.1, =0.0.0.1, =0.0.0.2, =0.0.0.1, =0.0.0.1, =0.0.0.1, =0.0.0.1, =0.0.0.1, =0.0.0.1038 and more Source cves: CVE-2026-41312 Source advisory: SNYK:PYTHON-PYPDF2-16097902...
MAL-2026-2818 Malicious code in genosys (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2fb27cde30ea3d834e3160e37c203a1f8a271435cf92316a990766c5b8b9791c The campaign is built from a benign-like package e.g. genosys and the malicious dependency e.g. pynosist. The dependency uses a PTH file to trigger malicious...
Malicious code in requests-test-test44 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in requests-testik11 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-2813 Malicious code in requests-testik11 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-2812 Malicious code in requests-test-test44 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in requests-test-test3 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-2810 Malicious code in requests-test-test2 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in requests-test-test2 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-2809 Malicious code in bombonsec-test-123 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in bombonsec-test-123 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-2699 Malicious code in robase-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 32170773fbd5fab5b2494de72ce601e7b43d9b5c21f36b9bc26a6ada40024de6 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in robase-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 32170773fbd5fab5b2494de72ce601e7b43d9b5c21f36b9bc26a6ada40024de6 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
angr (>=9.2.187 <=9.2.217), angr-management (>=9.2.187 <=9.2.217) +25 more potentially affected by unknown CVE via uefi-firmware (=1.11.0)
uefi-firmware PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on uefi-firmware and may be impacted: - angr =9.2.187, =9.2.187, =1.0.0rc2, =1.0.7, =1.0.4, =9.2.7, =0.0.1, =9.2.187, =1.0.3, =0.1.0, =2.3.2, =0.1.0, =0.1.5 and more Source...
SUSE SLES15 Security Update : python (SUSE-SU-2026:1365-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1365-1 advisory. - CVE-2026-3479: improper resource argument validation in pkgutil.getdata can allow path traversal bsc1259989. Tenable has extracted the preceding...
Malicious code in cpu-optimizers2-33 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eb2ab5bcc8a1a35fbd4e5d9b19ac517134ea3fd497e66d7d7126089743804a1c Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...
Malicious code in cpu-optimizers (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f82b75da107c50f4d2f3cf5587e7db58a0dc91b77f8511226ff9219623dc145a Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...
MAL-2026-2686 Malicious code in neverinstallme (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b5a369ecd7616b1dcdbeeca091c3b5bb9df2096c863fe89e9b45154708d5453a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
OPENSUSE-SU-2026:10553-1 python313-3.13.13-1.1 on GA media
These are all security issues fixed in the python313-3.13.13-1.1 package on the GA media of openSUSE Tumbleweed...