Lucene search
K

10 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 9:48 a.m.15 views

Malicious code in temp-development-package-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14f3eeecfabfcb249c5f6ec2a20824355ac313ab18c677334076ca9501607ec8 At install time, setup.py invokes installsitecustomize, which copies src/tempdevelopmentpackagetest/setup/sitecustomize.py into Python's purelib...

6.1AI score
Exploits0References8
OSV
OSV
added 2026/06/16 9:48 a.m.13 views

MAL-2026-5876 Malicious code in temp-development-package-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cdc1d94dd0cfb62a4a0267ae52bf1a72dfa31a6854196b4bb220759b7c6e878 Starting with version 0.4, package installs a sitecustomize.py that executes during Python engine initialization. The embeded code uses mshta to download...

5.6AI score
Exploits0References5
OSV
OSV
added 2026/06/15 4:23 p.m.10 views

MAL-2026-5797 Malicious code in neurodrift (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1b632fa784b6125daaba0e4a2b9e775bc4fec21c7d41127b887f9dfe6e873ce0 During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

5.5AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 4:17 p.m.10 views

Malicious code in llmfree (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e779d2361b98c48a801fb29dedf2931f94b4264314d074895e14482ad0d5a15f During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

5.5AI score
Exploits0References5
OSV
OSV
added 2026/06/15 3:59 p.m.8 views

MAL-2026-5795 Malicious code in gptminifast (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 367066b272bcc8da7b253c53e1771b5aad257edef1e77ee29fc9a8c9ba73bf63 During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

5.5AI score
Exploits0References5
OSV
OSV
added 2026/06/14 2:37 p.m.16 views

MAL-2026-5773 Malicious code in generatellm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31201af7035560c0798b46e67a374b9526a7e8ed2f856235e5eb0438d1a8d080 GenerateLLM 2.23 is a hollow PyPI package placeholder metadata, no functional code under src/, only an egg-info directory whose entire payload is an...

6.7AI score
Exploits0References6
OSV
OSV
added 2026/06/14 11:41 a.m.14 views

MAL-2026-5770 Malicious code in llmgenerator (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06e55ac2d3368516d538c8efaad2b83814dbb61813f36ab5655f77677ca0d6be On pip install, setup.py performs an HTTP GET to https://pastebin.com/raw/yBcUM1QB, takes the first line of the response body, and passes it to...

6AI score
Exploits0References6
OSV
OSV
added 2026/06/14 8:53 a.m.12 views

MAL-2026-5769 Malicious code in ezllmgen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9ad551d9ee9ad2f3c29daab0377c3e52289324e938e28a3b58d71c60e8e15e8 setup.py downloads the first line of https://pastebin.com/raw/yBcUM1QB via urllib and passes it directly to os.systemf'cmd /c "cmdpastebin"' during...

5.5AI score
Exploits0References6
OSV
OSV
added 2026/06/14 8:18 a.m.14 views

MAL-2026-5765 Malicious code in easyaillm2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f532239be50513698758c81009444ff49bcf4a140fab11734107d81c4eab6684 On pip install easyaillm2, setup.py fetches a raw text body from https://pastebin.com/raw/yBcUM1QB and passes the first line directly to os.system'cm...

6.5AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 1:55 a.m.20 views

Malicious code in easyaillm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6268f175708584b9c3de408c80de3dc1162f4d1ddedb1ce6201b90f409b0dea On pip install easyaillm, setup.py runs execbase64.b64decode... which decodes to code that fetches https://pastebin.com/raw/hEF5HaFc, treats the...

6.1AI score
Exploits0References6
Rows per page
Query Builder