25 matches found
Malicious code in salesforce-sysutils-diagnostics (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59e4ce1338f2439a1a5b2d257b96aadaef4a9c2883f6787343856728514bd148 setup.py unconditionally invokes curl at install time to POST the contents of /tmp/fake-keys.json to...
Malicious code in nagios-xi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c11c80cc2d314460d61a649c84fd75881388470382be8183b77b362e562a5c7f On import nagiosxi, the package's init.py lines 5-8 invokes socket.gethostbyname"atlass-check.autaeqjhfowvnnmkwhxjtq8x39d8nder1.oast.fun" inside a...
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 代码问题漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were code vulnerabilities in versions prior to 18.10 through 18.10.8...
Malicious code in anthropy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fa5e8904e682bfc10273961eb25b914c8d79b89e2a6c923c32bb9b3233d41c2 The package anthropy is a one-character typosquat of the legitimate anthropic PyPI SDK. The sole module anthropy.py executes a classic Python reverse...
Malicious code in imgmatrix-analysis (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2a9f964e4264c7bcc91047fdfb9966b1ae807e1e60fafa559d5543ed6e3dc83e During import, the package executes remote commands sourced from a Google Sheet. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-4291 Malicious code in pylogkt (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa1c9e5bf0ffd994f076a4a76395b5bcccd2716229439910912bd49aaf52f903 The package masquerades as a logging utility but every call to its logging API log.info/debug/etc triggers Logger.log, which on macOS hosts paths...
MAL-2026-3089 Malicious code in bytedclaw (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 222fec842fbce5c57d9ab98166abc5a0b555076048a153f00dd34b7a1ceec072 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2539 Malicious code in customer-local-ops (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ef5d282201c89a99b3d50d086b0c6916792744bff406f01b7920533e43562212 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
CVE-2026-30287
An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
CEWE PHOTO IMPORTER 安全漏洞
CEWE PHOTO IMPORTER is a photo import tool developed by the British company CEWE. Version 6.4.3 of CEWE PHOTO IMPORTER contains a security vulnerability. This vulnerability arises from the import of specially crafted image files, which may allow local attackers to trigger an application crash...
MAL-2026-1435 Malicious code in python-anchor (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 914b16cbc506c57a77eeed5ae14955bcf3b58fa49da92c2686b56a1d531c5268 During import, package decrypts and runs a malicious executable. The executable is hidden in an encoded and xored form in the JSON resource file. This is a...
MAL-2026-1080 Malicious code in hashtools32 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 689514b83cd6496b0a4213d26325e73cd2c4f0e19128b969d19797bcdd4b131d During import, the package attempts to exfiltrate sensitive Telegram session files --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in icloudprocessor (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 67b215e1995682b83e1afa8c297ecbdfe93d12db8cc11341b6bda84116d95814 During importing, the package starts a thread that exfiltrates user's files --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2025-192438 Malicious code in synium (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 85fc917c33d970cb3365ff112f788b229638b757c32eaf99ba1054c8596298c1 During import, package exfiltrates specific global variables to a remote target in a way typical for infostealers --- Category: MALICIOUS - The campaign has...
Malicious code in venomenallib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4f33bd81b0b06fd056a05286d3664de55bbaff5fa8c1a54a07905e8e3b5e596a Package is prepared to exfiltrate sensitive files. Different packages use different places for the malicious code: it runs during importing the module, is plac...
MAL-2025-191920 Malicious code in venomenallib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4f33bd81b0b06fd056a05286d3664de55bbaff5fa8c1a54a07905e8e3b5e596a Package is prepared to exfiltrate sensitive files. Different packages use different places for the malicious code: it runs during importing the module, is plac...
Malicious code in denomenallib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 72b314dc6f8d89e09c9bdd5deae5f16e934e6cddcea9958ef20b43d1b7129154 Package is prepared to exfiltrate sensitive files. Different packages use different places for the malicious code: it runs during importing the module, is plac...
MAL-2025-191727 Malicious code in fenomenallib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 09b3bc239f1844ed4387ec558bcfd1f2d3cc8347bf8f47169044dc7c0933ecbd Package is prepared to exfiltrate sensitive files. Different packages use different places for the malicious code: it runs during importing the module, is plac...
MAL-2025-191804 Malicious code in notary-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d6777fd3be7abdd8775b30e889a1bd66c4bef8af1794600867fc7292a8b9bcd0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
CVE-2025-9162
A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process allows for injection attacks when crafted realm documents are...