EUVD-2026-3254

Malicious code in nanoinstaller PyPI...

EUVD-2026-3255

Malicious code in bnanainstaller PyPI...

Many Hands Make Light Work: An LLM-Based Multi-Agent System for Detecting Malicious PyPI Packages

Malicious code in open-source repositories such as PyPI poses a growing threat to software supply chains. Traditional rule-based tools often overlook the semantic patterns in source code that are crucial for identifying adversarial components. Large language models LLMs show promise for software...

EUVD-2026-2657

Malicious code in haqawi PyPI...

Malicious code in haqawi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6c55dd7769c6bf39fd838af80c68669f79339abce1333cd421d9477144d7fde4 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...

EUVD-2026-2658

Malicious code in legendevil1 PyPI...

EUVD-2026-2659

Malicious code in hairest PyPI...

MAL-2026-253 Malicious code in clipcord (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fca6ce37489de021bfea975a55751ad244552b7868a4e534f955d30a0efb1770 Package collects and exfiltrates Discord credentials from multiple sources --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

EUVD-2026-2661

Malicious code in solana-program PyPI...

EUVD-2026-2663

Malicious code in transitive-req PyPI...

EUVD-2026-2402

Malicious code in dify-api PyPI...

Malicious code in dify-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a40038bb1837e98127f2e267d1932d1eeb641c93e855c50af9aa25002e28c76b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

GuardDog 路径遍历漏洞

GuardDog is a CLI tool in GuardDog open source that allows identifying malicious PyPI packages. A path traversal vulnerability exists in GuardDog versions prior to 2.7.1, which stems from the presence of path traversal in the safeextract function, which could lead to arbitrary file overwriting an...

EUVD-2026-1961

Malicious code in graponater PyPI...

EUVD-2026-1910

Malicious code in libc-dev PyPI...

CHASE: LLM Agents for Dissecting Malicious PyPI Packages

Modern software package registries like PyPI have become critical infrastructure for software development, but are increasingly exploited by threat actors distributing malicious packages with sophisticated multi-stage attack chains. While Large Language Models LLMs offer promising capabilities fo...

EUVD-2026-1862

Malicious code in oncecall PyPI...

CVE-2022-38881

The d8s-archives for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

EUVD-2026-1619

Malicious code in do-not-install-this-package-002 PyPI...

EUVD-2026-1624

Malicious code in btcli-security PyPI...