CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

--- -= Per source details. Do not edit below this line.=- Source: kam193 606ce541a3ef4a98e4e1639e96c6431e7ec83be6f987c640a63c03991eae4f6e The package hides code to download and start malicious script containing malware, identified as adware. The triggering method seems to be PTH file, although it...

5.9AI score

Exploits0References3

OSSF Malicious Packages•added 2026/03/17 9:6 a.m.•4 views

Malicious code in robloxapi-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ff27677fd14eddf36fd58fee0bb539ef89fd596e83450c68f8dc0436350abfd6 Installation embeds a malicious PTH file that then during import downloads and executes remote code. During analysis, the remote code was a test starting...

6.1AI score

Exploits0References1

OSSF Malicious Packages•added 2026/03/16 6:3 p.m.•6 views

Malicious code in color-list (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 86ffbba2d1825f76d4c2baa6a8b7ecbe85514239934a3d7903745d17d4baf704 Malicious code hidden in the color-list package uses the presence of pretty-tabulate as a trigger to load code hidden in likely a third malicious package...

5.9AI score

Exploits0References1

OSV•added 2026/03/15 5:2 p.m.•4 views

MAL-2026-1437 Malicious code in flowpeek (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e79fec156ab781e041d49cebd6082ee113ef98ce53945dc1a949a3a8e96fa734 During import, the code starts the embedded executable. This executable is an information stealer extracting sensitive data to a Discord channel. --- Category:...

6AI score

Exploits0References3

OSV•added 2026/03/13 10:31 a.m.•7 views

MAL-2026-1408 Malicious code in nai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a9e4650a322afd07ff77c3f934248e52f477f2d1cebd0c84b1074bdba1142efe Package is a hacking tool that not only abuses 3rd-party services but also silently exfiltrates credentials the user uses to log in there. The provided account...

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/03/13 8:13 a.m.•4 views

Malicious code in makenotion-ppetest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8a77a3e2f70388147c71ce781715204b49848f8a88c362506e14ecfbdff51208 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score

Exploits0References1

OSSF Malicious Packages•added 2026/03/11 11:30 p.m.•6 views

Malicious code in falador (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1d66c45b27d4ff7595d8a13a91515450c248dc50a6531199f0254bbd9d6440bb During installation or import, the package exfiltrates basic information in a dependency confusion attempt. The user identifies themselves as a HackerOne user...

5.8AI score

Exploits0References1

OSV•added 2026/03/11 7:44 a.m.•5 views

MAL-2026-1339 Malicious code in anontest123 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f4d47757d3ee2d0dde7ed82934a06bf64343c344a7b090cf77f05dcd73f813a5 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

6AI score

Exploits0References1

OSV•added 2026/03/11 7:43 a.m.•4 views

MAL-2026-1340 Malicious code in safetest123 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 697641cf873581d63edc257a57ab2bef9e6662b8c6afbe7917fef190e539df39 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

6AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by