Lucene search
K

13271 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in playwrightr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e165b925f82629524e611c81597c32a171df7cec246dc73f268d8192ccbe2c5 setup.py registers a CustomInstallCommand that runs automatically on pip install under Windows. It uses WinHTTP via ctypes to fetch a binary from...

6.1AI score
Exploits0References5
Wolfi
Wolfi
added 4 days ago6 views

GHSA-P4GQ-832X-FM9V vulnerabilities

Vulnerabilities for packages: py3-nltk...

5.9AI score
Exploits0
Chainguard
Chainguard
added 4 days ago4 views

GHSA-W8QV-6JWH-64R5 vulnerabilities

Vulnerabilities for packages: py3-captum...

5.9AI score
Exploits0
Chainguard
Chainguard
added 4 days ago5 views

GHSA-MP2F-45PM-3CG9 vulnerabilities

Vulnerabilities for packages: py3-captum...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago8 views

Malicious code in pyqt6darktheme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8cd6d16792d681b160ae1e11b3f698d8fd3004cd6019704008ad1c649fbe6f67 Package downloads and runs a remote executable, which was found to downloads further exes and starting coine mining --- Category: MALICIOUS - The campaign has...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago8 views

Malicious code in jsonschemavalidation (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eae82aa94c358f1f00f8a12e8b583cee82efdcf09d2f80263e6851ac0fec98f3 The PyPI project jsonschemavalidation builds a wheel whose installed top-level package is literally jsonschema tool.hatch.build.targets.wheel package...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago8 views

Malicious code in paysafe-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d9cc9039ffa3e8cadc8a24b0ccd83bcc8eca2fe88e25f35b2022cc1957220fb paysafe-api impersonates the Paysafe payments provider package name, description, author 'Paysafe Developer Team', and use of api.paysafe.com /...

6.1AI score
Exploits0References3
OSV
OSV
added 5 days ago7 views

ROOT-APP-PYPI-CVE-2026-27932 CVE-2026-27932 in rootio-joserfc - Patched by Root

Root has patched CVE-2026-27932 in the rootio-joserfc package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.8AI score0.00432EPSS
Exploits2
OSV
OSV
added 5 days ago12 views

ROOT-APP-PYPI-CVE-2026-34993 CVE-2026-34993 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-34993 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

7.3CVSS7.8AI score0.00128EPSS
Exploits0
OSV
OSV
added 5 days ago5 views

ROOT-APP-PYPI-CVE-2024-23829 CVE-2024-23829 in rootio-aiohttp - Patched by Root

Root has patched CVE-2024-23829 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

6.5CVSS6.7AI score0.0102EPSS
Exploits1
OSV
OSV
added 5 days ago19 views

ROOT-APP-PYPI-CVE-2026-45134 CVE-2026-45134 in rootio-langsmith - Patched by Root

Root has patched CVE-2026-45134 in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...

7.1CVSS5.8AI score0.00199EPSS
Exploits0
OSV
OSV
added 5 days ago21 views

ROOT-APP-PYPI-CVE-2026-41182 CVE-2026-41182 in rootio-langsmith - Patched by Root

Root has patched CVE-2026-41182 in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...

5.3CVSS5.8AI score0.00214EPSS
Exploits0
OSV
OSV
added 5 days ago10 views

ROOT-APP-PYPI-CVE-2023-44271 CVE-2023-44271 in rootio-pillow - Patched by Root

Root has patched CVE-2023-44271 in the rootio-pillow package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.4AI score0.01038EPSS
Exploits0
OSV
OSV
added 6 days ago2 views

OPENSUSE-SU-2026:11191-1 python313-lxml_html_clean-0.4.5-1.1 on GA media

These are all security issues fixed in the python313-lxmlhtmlclean-0.4.5-1.1 package on the GA media of openSUSE Tumbleweed...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/04 12:24 p.m.9 views

Malicious code in yt-api-dlp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4710e1aa4fe025aaed51f4958f3b514a6cb950b40069f424c7a5d9a2f85591c Package name yt-api-dlp is a single-token insertion away from the widely-used yt-dlp package, and the tarball contains a near-verbatim copy of the...

6AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/03 11:44 p.m.7 views

Malicious code in confighub (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 805d9b5848999d2ba85368446cb12d90bf350b8201a78dd475079c04f180dd81 confighub 7.0.1 declares installrequires='procwire' and imports procwire at package load in init.py under a version gate that silently swallows...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 9:41 a.m.7 views

Malicious code in django-bkvision (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60f6913309b46f7fc428e08267197a375885efc1b3c5660d7707ef70895f558c setup.py executes a top-level function on pip install that collects host metadata hostname, user, cwd, Python version, platform, pid, timestamp and...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/28 4:55 p.m.12 views

Malicious code in tdata-grabber (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b4c3b37df5e3d08d7bc6ad736e0231ed0dc655640ffdf0dc403f4029ace2787 Package name explicitly declares its purpose as harvesting Telegram Desktop session data tdata directory. The tdata folder contains live authenticate...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/28 4:55 p.m.9 views

MAL-2026-6560 Malicious code in tdata-grabber (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b4c3b37df5e3d08d7bc6ad736e0231ed0dc655640ffdf0dc403f4029ace2787 Package name explicitly declares its purpose as harvesting Telegram Desktop session data tdata directory. The tdata folder contains live authenticate...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/28 11:3 a.m.9 views

Malicious code in fsociety-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88731d75288f663967fc64dde12b04eb43a2eb3d4113486bf35b1cf3d89ae537 On import, fsocietytools/init.py loads tokens.py, which at module load time instantiates TokenManager. The constructor concatenates eight large strin...

5.9AI score
Exploits0References4
Rows per page
Query Builder