
13250 matches found

OSV
added 2026/01/29 1:57 p.m., 8 views

MAL-2026-627 Malicious code in theanswre (PyPI)

Source: ossf-package-analysis 3a5007e2f06a55345366f95d0073e9980436e74745540a4e9b43c8a1836c4bef
The OpenSSF Package Analysis project identified 'theanswre' @ 0.2.4 pypi as malicious. It is considered malicious because: - The package execute...

5.9 AI score
Exploits: 0

OSV
added 2026/01/29 1:50 p.m., 7 views

MAL-2026-604 Malicious code in securedrop-workstation-dom0-config (PyPI)

Source: kam193 a496fb67ea100acce3d945e16e2d50d6d3181a322017f80cdf8c01006a49aade
Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.
Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/01/29 1:25 p.m., 9 views

Malicious code in mcp-pdftool-plus (PyPI)

Source: kam193 2e92dea8be02288f271dacad2cd77f1bdd54596da1691cb738c4a7b7b4f77d21
When using the library, the hidden code starts a reverse shell
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign...

6.1 AI score
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/01/29 10:08 a.m., 8 views

Malicious code in tableautes (PyPI)

Source: kam193 db2caf2b50286de83c99e588ab33e86d828ff3c39fd0dac1c5f3da229cdfced7
Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6.1 AI score
Exploits: 0, References: 3

OSV
added 2026/01/29 12:00 a.m., 2 views

OPENSUSE-SU-2026:10117-1 python314-3.14.2-2.1 on GA media

These are all security issues fixed in the python314-3.14.2-2.1 package on the GA media of openSUSE Tumbleweed...

5.7 CVSS, 5.8 AI score, 0.0055 EPSS
Exploits: 0, References: 1

vulnersOsv
added 2026/01/28 8:47 p.m., 4 views

flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71005 via oneflow (=0.9.0)

oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71005 Source advisory: SNYK:PYTHON-ONEFLOW-15162570...

6.5 CVSS, 5.8 AI score, 0.00224 EPSS
Exploits: 1

OSV
added 2026/01/28 7:48 p.m., 5 views

MAL-2026-595 Malicious code in morty-package (PyPI)

Source: kam193 d87e4d2c5f3096d67a98e166e70ed6d4288c7d7554852e8d14bb60213f9a574b
Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

6 AI score
Exploits: 0, References: 1

OSV
added 2026/01/28 5:56 p.m., 5 views

MAL-2026-593 Malicious code in pypi-package-explore (PyPI)

Source: kam193 54257ec88b5f7a5bd69177f84a4c396ab208e727ba1c7b079056f1fab2705c37
Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

6 AI score
Exploits: 0, References: 1

vulnersOsv
added 2026/01/28 5:47 p.m., 3 views

flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-70999 via oneflow (=0.9.0)

oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-70999 Source advisory: SNYK:PYTHON-ONEFLOW-15162589...

7.5 CVSS, 5.8 AI score, 0.00459 EPSS
Exploits: 1

vulnersOsv
added 2026/01/28 4:48 p.m., 1 view

flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-65887 via oneflow (=0.9.0)

oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-65887 Source advisory: SNYK:PYTHON-ONEFLOW-15147047...

6.5 CVSS, 5.8 AI score, 0.00323 EPSS
Exploits: 1

Chainguard
added 2026/01/28 1:17 p.m., 5 views

GHSA-6RV6-R2F2-GQRC vulnerabilities

Vulnerabilities for packages: python...

5.9 AI score
Exploits: 0

The Hacker News
added 2026/01/28 9:30 a.m., 8 views

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Cybersecurity researchers have discovered two malicious packages in the Python Package Index (PyPI) repository that masquerade as spellcheckers but contain functionality to deliver a remote access trojan (RAT). The packages, named spellcheckerpy and spellcheckpy, are no longer available on PyPI, but...

6.2 AI score
Exploits: 0

OSV
added 2026/01/28 12:00 a.m., 2 views

OPENSUSE-SU-2026:10109-1 python311-sse-starlette-3.2.0-1.1 on GA media

These are all security issues fixed in the python311-sse-starlette-3.2.0-1.1 package on the GA media of openSUSE Tumbleweed...

7.5 CVSS, 6.1 AI score, 0.00597 EPSS
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/01/27 6:26 p.m., 11 views

Malicious code in tabletas (PyPI)

Source: kam193 27d102f1cf4d0e6b08e5e77aa57a2a436a49f782fe6571b2a8e8d114e10d968d
Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6.1 AI score
Exploits: 0, References: 3

OSSF Malicious Packages
added 2026/01/27 9:15 a.m., 11 views

Malicious code in solhint-plugin-hyperlane (PyPI)

Source: kam193 5f1d66ba0771661e6786da7d4953af3fc1ff1e280d1c666abd1e69e481274747
Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

6.1 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2026/01/26 12:00 a.m., 4 views

openSUSE 16 Security Update : python-jaraco.context (openSUSE-SU-2026:20095-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2026:20095-1 advisory. - CVE-2026-23949: Fixed malicious tar archives may lead to path traversal bsc1256954. Tenable has extracted the preceding description block directly fro...

8.6 CVSS, 5.9 AI score, 0.00527 EPSS
Exploits: 1, References: 3

OpenVAS
added 2026/01/26 12:00 a.m., 2 views

openSUSE Security Advisory (SUSE-SU-2026:0268-1)

The remote host is missing an update for the...

7.5 CVSS, 7.1 AI score, 0.01468 EPSS
Exploits: 0, References: 5

EUVD
added 2026/01/25 4:56 p.m., 3 views

EUVD-2026-4643

Malicious code in selenium-integration (PyPI)...

5.5 AI score
Exploits: 0, References: 1

OSV
added 2026/01/25 4:56 p.m., 4 views

MAL-2026-506 Malicious code in selenium-integration (PyPI)

Source: kam193 50120169fb4cd982eb19b5dee69b1aa881d250d6bab46aaadb2746b92f0ec158
When importing the module, code downloads and executes a highly obfuscated remote script.
Category: MALICIOUS - The campaign has clearly malicious intent,...

5.7 AI score
Exploits: 0, References: 1

EUVD
added 2026/01/25 11:13 a.m., 3 views

EUVD-2026-4644

Malicious code in flask-hookserver (PyPI)...

5.5 AI score
Exploits: 0, References: 1