CVE-2026-21531 Azure SDK for Python Remote Code Execution Vulnerability

...

CVE-2026-21531

CVE-2026-21531 involves deserialization of untrusted data in the Azure SDK, allowing remote code execution over a network. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) yields a base score of 9.8 (CRITICAL). The impact is high on confidentiality, integrity, and availability, with netw...

Azure SDK for Python Remote Code Execution Vulnerability

Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network...

Malicious code in distinctive-azure-python (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 290eb5527ba978d9f913d813a34e27c4b6df326e5a2f5459023cdc92578da80e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-66874 Malicious code in automatic-azure-python (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d53f4884a9a5bf47a74532b7809cce98c1f7b54162602956361d5e72f4f166ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in automatic-azure-python (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d53f4884a9a5bf47a74532b7809cce98c1f7b54162602956361d5e72f4f166ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-54854

Malicious code in distinctive-azure-python npm...

EUVD-2025-55775

Malicious code in automatic-azure-python npm...