13250 matches found
EUVD-2026-1961
Malicious code in graponater PyPI...
EUVD-2026-1910
Malicious code in libc-dev PyPI...
Malicious code in libc-dev (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cb6d8dc8c1dde2d0e31a36f23ab7fbd5931d00834eef4d6ee225cada5edbb44c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLY_PENTES...
CHASE: LLM Agents for Dissecting Malicious PyPI Packages
Modern software package registries like PyPI have become critical infrastructure for software development, but are increasingly exploited by threat actors distributing malicious packages with sophisticated multi-stage attack chains. While Large Language Models (LLMs) offer promising capabilities fo...
EUVD-2026-1862
Malicious code in oncecall PyPI...
MAL-2026-189 Malicious code in oncecall (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 30fc3993415d365e03d500864542d91d6c6d87af8b6125765af3ba4a5ee059f6 Package silently downloads and executes an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
CVE-2022-38884
The d8s-grammars for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
CVE-2022-38880
The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The affected version is 0.1.0...
CVE-2022-38881
The d8s-archives for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
EUVD-2026-1619
Malicious code in do-not-install-this-package-002 PyPI...
Malicious code in do-not-install-this-package-002 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dc0f1ed2645f37e4b8df59ccca64288a02f6cc07009489c54565dfc5b0089f19 During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...
EUVD-2026-1624
Malicious code in btcli-security PyPI...
CVE-2025-15346
A vulnerability in the handling of verify_mode = CERT_REQUIRED in the wolfssl Python package (wolfssl-py) causes client certificate requirements to not be fully enforced. Because the WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT flag was not included, the behavior effectively matched CERT_OPTIONAL: a peer certificate...
EUVD-2026-1352
Malicious code in lnatainstaller PyPI...
MAL-2026-128 Malicious code in lnatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a613dbd371593bf6bcb7ae528a4d7d7dba2fedfc6670c8cb493bb5cbee18f734 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
EUVD-2026-1354
Malicious code in codefrequencychecker PyPI...
Photon OS 4.0: Python3 PHSA-2026-4.0-0938
An update of the python3 package has been released. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0938. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...
EUVD-2026-1100
Malicious code in py-publish-test-0126 PyPI...
MAL-2026-98 Malicious code in py-publish-test-0126 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 993085ca23a6a729d332eade4d58778a42c1d19b18237ab4b3c3a6bacf9fd126 Dependency confusion demonstration package with reporting through a decorator function --- Category: PROBABLY_PENTEST - Packages looking like typical pentest...
EUVD-2026-1101
Malicious code in testingpy PyPI...