ROOT-APP-PYPI-CVE-2025-4565 CVE-2025-4565 in rootio-protobuf - Patched by Root

Root has patched CVE-2025-4565 in the rootio-protobuf package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-67221 CVE-2025-67221 in rootio-orjson - Patched by Root

Root has patched CVE-2025-67221 in the rootio-orjson package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-34993 CVE-2026-34993 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-34993 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

MAL-2026-5875 Malicious code in myfirstpackagetestaaa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c05b4934471efac919453e87b37a94a9a92c930455283c0bfb85b535c61f4a6b During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

Malicious code in aaaazzzzaz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c1698c50a4706300296a442bbb0ae57280e870d8c83575d68218143e4ffd6645 During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

MAL-2026-5874 Malicious code in aaaazzzzaz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c1698c50a4706300296a442bbb0ae57280e870d8c83575d68218143e4ffd6645 During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

ROOT-APP-PYPI-CVE-2026-41066 CVE-2026-41066 in rootio-lxml - Patched by Root

Root has patched CVE-2026-41066 in the rootio-lxml package for Root:PyPI. Multiple fixed versions available...

Malicious code in testpackagemanyhttpsgo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 336f39e218fe5b5a09ef8ee7757efa7a0ca73c0fe6571bc232d735448499a950 At install time, setup.py fetches https://tmpfiles.org/dl/wawHVGgfydD7/6a306c5f03a52.exe via urllib, writes the response to disk, and executes it wit...

Vulnerable OpenSSL included in cryptography wheels

pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in wheels prior to cryptograph 48.01 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20260609.txt. If yo...

MAL-2026-5812 Malicious code in hello-test-s1 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e38aef2a7eaa434284aa00122cf429e1a1a07658e02afec7bb3690d7cbfe9ec During installation or importing the module, the package starts a reverse shell to hardcoded locatiom --- Category: MALICIOUS - The campaign has clearly...

Malicious code in merino-common (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 61117d9c074586912421f9fe2104b792a0eb2a359dd1c6e9c8548bc2aa299dd0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-5820 Malicious code in node-scraper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 52aa9bb0c23cd9126412a9477da59431309521a78dd65e807b7dd198367d0a83 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-5811 Malicious code in gigl-core (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 28903f76bed2e89a18c9c276d62c95bb089a091020f89f35f7d2800ef6a3bce3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in sl-pgp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 53bd44f0ef91bd7b2757153e06bc9a7b697aba1af30af9bc6a6ccb71d7a3012a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-5819 Malicious code in mozautomation (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 26d0e7dfb965969f23786d4bde7d70e597b83df522434aea471171d48442cd12 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in llmfree (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e779d2361b98c48a801fb29dedf2931f94b4264314d074895e14482ad0d5a15f During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

Malicious code in generatellm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31201af7035560c0798b46e67a374b9526a7e8ed2f856235e5eb0438d1a8d080 GenerateLLM 2.23 is a hollow PyPI package placeholder metadata, no functional code under src/, only an egg-info directory whose entire payload is an...

Malicious code in easyaillm2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f532239be50513698758c81009444ff49bcf4a140fab11734107d81c4eab6684 On pip install easyaillm2, setup.py fetches a raw text body from https://pastebin.com/raw/yBcUM1QB and passes the first line directly to os.system'cm...

Malicious code in easyllmai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4589bbb71e0bb3589a162bf2102bba5e8bf7124d3988235647d1e3c1d01821d0 During pip install, setup.py performs an unauthenticated HTTP fetch of https://pastebin.com/raw/yBcUM1QB, takes the first line of the response, and...

MAL-2026-5756 Malicious code in easyaillm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6268f175708584b9c3de408c80de3dc1162f4d1ddedb1ce6201b90f409b0dea On pip install easyaillm, setup.py runs execbase64.b64decode... which decodes to code that fetches https://pastebin.com/raw/hEF5HaFc, treats the...