5 matches found
PT-2026-41970
Name of the Vulnerable Software and Affected Versions Algernon versions prior to 1.17.7 Description When Algernon is started with a single file path instead of a directory, the singleFileMode is enabled, which forcibly activates debugMode. This configuration enables the PrettyError renderer, whic...
MAL-2026-3679 Malicious code in @2oolkit/hyperliquid-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c3af30011dcf54950f270463028270d732fce20b5cd5da44342a0748922e6df The package is advertised as a neutral CLI/MCP wrapper for Hyperliquid, but its distributed code silently routes value from the installer to an...
Malicious code in guan (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e04a9a658bc7616e72a5edf276dd049e5b697f2492c46929caf2e01fac95d84 The top-level src/guan/init.py unconditionally calls statisticsofguanpackage on every import guan. That function in src/guan/others.py opens a raw TC...
Malicious code in flycord (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b2071af47a4b327550f5614253b291b893e0741e6f2ebe3b4378a4794696d211 When the user uses the provided library, this package silently reports basic information and the result of the user's action to a hardcoded, obfuscated URL...
MAL-2026-1049 Malicious code in flycord (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b2071af47a4b327550f5614253b291b893e0741e6f2ebe3b4378a4794696d211 When the user uses the provided library, this package silently reports basic information and the result of the user's action to a hardcoded, obfuscated URL...