Lucene search
K

273 matches found

OSV
OSV
added 2026/04/04 4:41 p.m.5 views

MAL-2026-2488 Malicious code in photo-extractor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 67f3f604528f125e85fb7be00bb17d7cf2abc5cdb20a12cbcbb38633f5877f14 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

6.1AI score
Exploits0References1
OSV
OSV
added 2026/03/31 12:31 p.m.3 views

GHSA-J5QH-5234-4RQP Duplicate Advisory: OpenClaw: Workspace plugin auto-discovery allowed code execution from cloned repositories

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-99qw-6mr3-36qr. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.12 automatically discovers and loads plugins from .OpenClaw/extensions/ without explicit trust...

9.8CVSS6.2AI score0.00331EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/30 8:21 p.m.10 views

Malicious code in databaseroboats (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 758a06f15ef5917ecf964bae5fa46f084b028b69c8dd133acb90da972f6a6f09 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/29 8:12 p.m.3 views

Malicious code in databaseroboat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3c3d5d00b97ea534e5873e4b0aecaa2895fcc25dfca987d487dcc2510cf14f3a During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6AI score
Exploits0References9
OSV
OSV
added 2026/03/29 12:15 p.m.4 views

MAL-2026-2289 Malicious code in database-roblox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bc72e398d8a27feaf630ecd5c3f852b452ad895a1e0a104abbc87da277e3bfc4 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/28 8:17 p.m.6 views

Malicious code in roboats-addition (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f9c3e8c3efcca9a56765d765638b1f7a25769a8a94693c4f391804337be55fcf During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/28 8:15 p.m.6 views

Malicious code in roboat-addition (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ece419769280a3d6ce017d5cc460eaf49742fde83ede008765b77f3e49ff67e6 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6AI score
Exploits0References9
OSV
OSV
added 2026/03/27 4:47 p.m.6 views

MAL-2026-2271 Malicious code in metamask-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d741c998a924aa720c19f13cbb622ebb5862abde8765dac7f8bb2cf1b219c3dc Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/27 4:47 p.m.10 views

Malicious code in metamask-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d741c998a924aa720c19f13cbb622ebb5862abde8765dac7f8bb2cf1b219c3dc Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

6AI score
Exploits0References1
OSV
OSV
added 2026/03/27 4:45 p.m.6 views

MAL-2026-2269 Malicious code in claude-lite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3a73f0745200bef9d517a2ac5e3e69189347e0b730a0187e71c3c201accd5833 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

6AI score
Exploits0References1
OSV
OSV
added 2026/03/27 4:44 p.m.4 views

MAL-2026-2272 Malicious code in solana-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f0a22ac83bdfd88312e7d422a0e3c27531ccdb7a6c6e4afa1ae513bb9aecf41f Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

6AI score
Exploits0References1
Snyk
Snyk
added 2026/03/20 8:43 p.m.4 views

Access Control Bypass

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Access Control Bypass through the exposure of secret keys in the clones.json.php endpoint, which allows an attacker to trigger a database dump and obtain admin...

10CVSS6.1AI score0.13266EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/15 10:1 p.m.6 views

Malicious code in pymnemonic (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 459bd254a36d9b8c78d96285e0c0aedb285b08f22900e022ea67988f3cb98e92 Malicious clone of the legitimate python-utils package, disguised as a crypto-related helper. The malicious code modification exfiltrates sensitive env variabl...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/03/15 10:1 p.m.8 views

MAL-2026-1438 Malicious code in pymnemonic (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 459bd254a36d9b8c78d96285e0c0aedb285b08f22900e022ea67988f3cb98e92 Malicious clone of the legitimate python-utils package, disguised as a crypto-related helper. The malicious code modification exfiltrates sensitive env variabl...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/03/06 1:12 p.m.18 views

MAL-2026-1264 Malicious code in python-requirements (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 40fa77c47c3649fce85f601f8aa10bf13674e5db4a2d35f125cb48b77d65f99d The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/06 1:2 p.m.11 views

Malicious code in python-module-installer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 61bfa181c5afb9e33e0d529138c813fc05d8130062182d9d1a5cb4ef9c8da0ea The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/03/06 1:2 p.m.12 views

MAL-2026-1263 Malicious code in python-module-installer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 61bfa181c5afb9e33e0d529138c813fc05d8130062182d9d1a5cb4ef9c8da0ea The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/03/06 11:35 a.m.19 views

MAL-2026-1261 Malicious code in fastapi-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e414a858711540d25b63ced50114d396e150157b65a70056beccc38948a4199 The package clones a legitimate library and contains hidden code that executes remote scripts. During the analysis, the remote code was no longer available ---...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/06 11:35 a.m.13 views

Malicious code in fastapi-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e414a858711540d25b63ced50114d396e150157b65a70056beccc38948a4199 The package clones a legitimate library and contains hidden code that executes remote scripts. During the analysis, the remote code was no longer available ---...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/06 11:34 a.m.13 views

Malicious code in fastapis-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 69baeb910fc47c2e92e2a25cb1db7b5148b4773d193f15aecef4d708f69b1f6d The package clones a legitimate library and contains hidden code that executes remote scripts. During the analysis, the remote code was no longer available ---...

6AI score
Exploits0References1
Rows per page
Query Builder