10286 matches found
ROOT-APP-PYPI-CVE-2025-32962 CVE-2025-32962 in rootio-Flask-AppBuilder - Patched by Root
Root has patched CVE-2025-32962 in the rootio-Flask-AppBuilder package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-62801 CVE-2025-62801 in rootio-fastmcp - Patched by Root
Root has patched CVE-2025-62801 in the rootio-fastmcp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-GHSA-C2JP-C369-7PVX GHSA-c2jp-c369-7pvx in rootio-fastmcp - Patched by Root
Root has patched GHSA-c2jp-c369-7pvx in the rootio-fastmcp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-64439 CVE-2025-64439 in rootio-langgraph-checkpoint - Patched by Root
Root has patched CVE-2025-64439 in the rootio-langgraph-checkpoint package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-23949 CVE-2026-23949 in rootio-jaraco.context - Patched by Root
Root has patched CVE-2026-23949 in the rootio-jaraco.context package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-GHSA-MV93-W799-CJ2W GHSA-mv93-w799-cj2w in rootio-GitPython - Patched by Root
Root has patched GHSA-mv93-w799-cj2w in the rootio-GitPython package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-22701 CVE-2026-22701 in rootio-filelock - Patched by Root
Root has patched CVE-2026-22701 in the rootio-filelock package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-68146 CVE-2025-68146 in rootio-filelock - Patched by Root
Root has patched CVE-2025-68146 in the rootio-filelock package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-44244 CVE-2026-44244 in rootio-GitPython - Patched by Root
Root has patched CVE-2026-44244 in the rootio-GitPython package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-42284 CVE-2026-42284 in rootio-GitPython - Patched by Root
Root has patched CVE-2026-42284 in the rootio-GitPython package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-68131 CVE-2025-68131 in rootio-cbor2 - Patched by Root
Root has patched CVE-2025-68131 in the rootio-cbor2 package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-GHSA-VP47-9734-PRJW GHSA-vp47-9734-prjw in rootio-asteval - Patched by Root
Root has patched GHSA-vp47-9734-prjw in the rootio-asteval package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-21226 CVE-2026-21226 in rootio-azure-core - Patched by Root
Root has patched CVE-2026-21226 in the rootio-azure-core package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-62611 CVE-2025-62611 in rootio-aiomysql - Patched by Root
Root has patched CVE-2025-62611 in the rootio-aiomysql package for Root:PyPI. Multiple fixed versions available...
Malicious code in spaysrbdata (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2d461e4f26b3a0fb04120613c34e74745f6d63ce83abe98c40e470c527921501 The package exfiltrates Roblox cookies from the victim machine. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaig...
Malicious code in lib-1779997093-yjeeqn (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 adfe3f8b85f731f407f8da6669a76b821b042e4ea1f2fd8fcfddf3293c2ca697 During installation, the package opens a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2026-4747 Malicious code in edison-tools (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c151a181047e12f1de0e91b1923861446b04558028d518e30df1767ccc85def7 At pip install time, setup.py reads the EDISONQUERY environment variable from the installer's environment and POSTs it to...
MAL-2026-4272 Malicious code in env-loader-cli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1749501a0825ad4a98638bbab4bd2bd9550436adcb9bb7781b6552735f7f3eb0 The package advertises itself as a benign.env/JSON/YAML loader but its top-level init.py imports a hidden core module that, on every import envloader...
MAL-2026-4269 Malicious code in mistral-evals (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f79806b5d197ed3b6beeedfb7092ad6da36d1d186ad57dc12be0b030c63726c9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in pypi-build-verifier (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43a9aa0e00091b0758de27e4e5708a572d91bcada3757f4ce7bc1a0b17cb2965 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...