CVE-2026-3073

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass PyPI package protection rules and upload restricted packages due to...

UBUNTU-CVE-2026-3073

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass PyPI package protection rules and upload restricted packages due to...

CVE-2026-3073 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass PyPI package protection rules and upload restricted packages due to...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE 17.6 to 18.9.7, 18.10...

MAL-2026-3664 Malicious code in workingitmehelpit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e553fe0eea72dc43eab2696330acd6fbb3e4de8c95529eab6298411620c0c9f Package installs malware identified as a backdoor or reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

PYSEC-2026-164

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...

CVE-2026-42266

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...

TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages

Research reveals that TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm...

CVE-2026-42266

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...

CVE-2026-42266

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...

Malicious code in openai-spellcheckers (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 195e6ac284c1a3e97b7683250a5514ed89d903819d2a3c97987782d4725e0e9f Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

JupyterLab 参数注入漏洞

JupyterLab is an open-source extension for interactive and reproducible computing environments, based on Jupyter Notebooks and their architecture. Versions 4.0.0 to 4.5.6 of JupyterLab contain a parameter injection vulnerability. This vulnerability arises from improper execution of the allowlist...

Google Says Hackers Used AI to Develop a Zero-Day Exploit

Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI...

Malicious code in xxx-bale (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1109b5dc74c94551027044e54e20f9c1c18f89d53da6af87861ba4773eae1966 The package contains code to install remotely stored malware and ensure its persistence. The code is not triggered automatically; it requires a separate trigge...

Malicious code in xxoo-bale (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 74ce2be8301ccea70138e307282fbf70ede26eede2a531296145f7d0da695b80 The package contains code to install remotely stored malware and ensure its persistence. The code is not triggered automatically; it requires a separate trigge...

Malicious code in dlocal-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9cfdf8d83ac7dc528caac3292d1b02ba162629b349789149fbbfcb7094f778b0 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

CVE-2026-42301 Improper Input Validation leading to Improper Control of Generation of Code ('Code Injection') in pyp2spec

pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, s...

EUVD-2026-28896

pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, s...

MAL-2026-3381 Malicious code in solana-scanner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 047a41b9a67bb975c2e98b31b5e13875569de5097f0b61bb5984e300687e03e3 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

MAL-2026-3379 Malicious code in eth-web3-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ab01b68589d4f3b1e8686ed007d522f24c8259049cb211a023ac3f3ff8f56ce4 Code pretends to be an ETH utility and exfiltrates the given seed/private key --- Category: MALICIOUS - The campaign has clearly malicious intent, like...