Malicious code in py-sysbench (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bcd34dcdc69398d2b97a0890cc550974824096b2844524f868505aa32032f147 Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...

MAL-2026-1280 Malicious code in py-sysbench (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bcd34dcdc69398d2b97a0890cc550974824096b2844524f868505aa32032f147 Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...

Malicious code in cpucheck (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5c9d20d009145b270e9b9f2bb73540bb7484845f0cbe9c73f4cf20cc28f776c9 Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...

python311-nltk-3.9.3-1.1 on GA media (moderate)

python311-nltk-3.9.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10304-1 Rating: moderate Cross-References: CVE-2026-0847 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

MAL-2026-1278 Malicious code in chat-xdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e1f6d17089af4d8a0d8ab4b5ab9398a250b54d8d605c178080a7f275a6ab4687 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

2sio (>=0.1.0 <=0.1.5), 4mica-x402 (>=0.1.0 <=1.2.3) +44 more potentially affected by unknown CVE via x402 (=2.12.0)

x402 PYPI version =2.12.0 is affected by a known vulnerability. The following packages have a transitive dependency on x402 and may be impacted: - 2sio =0.1.0, =0.1.0, =0.2.0, =1.0.0, =0.3.14, =0.1.1, =0.5.4, =0.1.0, =0.1.0, =0.3.0, =0.3.5 - foldset =0.1.0 - foldset-django =0.1.0 and more Source...

GHSA-QR2G-P6Q7-W82M x402 SDK Security Advisory

Impact A security vulnerability exists in outdated versions of the x402 SDK. This vulnerability does not affect users' private keys, smart contracts, or funds. The issue impacts resource servers accepting payments on Solana when the facilitator is running a vulnerable version of the x402 SDK. Who...

x402 SDK Security Advisory

Impact A security vulnerability exists in outdated versions of the x402 SDK. This vulnerability does not affect users' private keys, smart contracts, or funds. The issue impacts resource servers accepting payments on Solana when the facilitator is running a vulnerable version of the x402 SDK. Who...

Fedora 44 : python3.10 (2026-48d2e7135b)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-48d2e7135b advisory. Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367 Tenable has extracted the preceding description block directly fr...

Malicious code in flowfix (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 77c3304c8fcc8e0cdf2ac450babf481ff0ee3e93cb3c4213c6b4fa8d80cf4137 The package hides code to download and open remote content. The current code seems to be a bit broken as the final URL is not correct, but the code holds also...

Malicious code in python-requirements (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 40fa77c47c3649fce85f601f8aa10bf13674e5db4a2d35f125cb48b77d65f99d The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...

Malicious code in fastapi-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e414a858711540d25b63ced50114d396e150157b65a70056beccc38948a4199 The package clones a legitimate library and contains hidden code that executes remote scripts. During the analysis, the remote code was no longer available ---...

SUSE SLES12 Security Update : python (SUSE-SU-2026:0802-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0802-1 advisory. - CVE-2024-7592: excess CPU resource consumption in http.cookies module bsc1229596 Tenable has extracted the preceding description block directly from...

Python Library OpenEXR 2.3.x / 3.x < 3.2.6 / 3.3.x < 3.3.8 / 3.4.x < 3.4.6 Heap Buffer Overflow

The version of the OpenEXR Python package installed on the remote host is 2.3.x or 3.x prior to 3.2.6, 3.3.x prior to 3.3.8, or 3.4.x prior to 3.4.6. It is, therefore, affected by a heap buffer overflow vulnerability: - In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in a...

admet-workbench (>=0.1.0 <=0.1.1), agent-gpt-aws (>=0.4.4 <=0.9.5) +53 more potentially affected by unknown CVE via sagemaker-core (=2.12.0)

sagemaker-core PYPI version =2.12.0 is affected by a known vulnerability. The following packages have a transitive dependency on sagemaker-core and may be impacted: - admet-workbench =0.1.0, =0.4.4, =1.3.16, =0.0.2, =0.1.13, =0.1.0, =0.4.0, =1.0.1, =0.4.0, =0.1.12, =0.1.0, =0.2.7 and more Source...

openSUSE Security Advisory (SUSE-SU-2026:0774-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

python311-Django4-4.2.29-1.1 on GA media (moderate)

python311-Django4-4.2.29-1.1 on GA media Announcement ID: openSUSE-SU-2026:10282-1 Rating: moderate Cross-References: CVE-2026-25674 CVSS scores: CVE-2026-25674 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-25674 SUSE : 6.3...

MAL-2026-1240 Malicious code in requests-ml-min (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 caf988849523549406a61384e2c9f8e01d6edf3ad71e5cba77ca7c3987863f1d During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments. In some packages in the campaign,...

Fedora: Security Advisory (FEDORA-2026-e0e9d0d54a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MAL-2026-1226 Malicious code in qwery-core (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c4861116d64db41be8bae04818ecc9f3542fe4bc30055d57588f6f23c11149f3 Obfuscated downloader of encrypted code, compiled to native binary. The remote URL has to be provided to the binary. Likely impersonates legitimate npm library...