MAL-2026-5178 Malicious code in tronlab (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 44a6e385a64a2319d00a77e4eb063dd97f8a54dff9df20653fec1f3c3d40ecb9 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

ROOT-APP-PYPI-GHSA-747P-WMPV-9C78 GHSA-747p-wmpv-9c78 in rootio-awscli - Patched by Root

Root has patched GHSA-747p-wmpv-9c78 in the rootio-awscli package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-53365 CVE-2025-53365 in rootio-mcp - Patched by Root

Root has patched CVE-2025-53365 in the rootio-mcp package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2023-34110 CVE-2023-34110 in rootio-Flask-AppBuilder - Patched by Root

Root has patched CVE-2023-34110 in the rootio-Flask-AppBuilder package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2024-56201 CVE-2024-56201 in rootio-Jinja2 - Patched by Root

Root has patched CVE-2024-56201 in the rootio-Jinja2 package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-27516 CVE-2025-27516 in rootio-Jinja2 - Patched by Root

Root has patched CVE-2025-27516 in the rootio-Jinja2 package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2024-34064 CVE-2024-34064 in rootio-Jinja2 - Patched by Root

Root has patched CVE-2024-34064 in the rootio-Jinja2 package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-27124 CVE-2026-27124 in rootio-fastmcp - Patched by Root

Root has patched CVE-2026-27124 in the rootio-fastmcp package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-64340 CVE-2025-64340 in rootio-fastmcp - Patched by Root

Root has patched CVE-2025-64340 in the rootio-fastmcp package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-6176 CVE-2025-6176 in rootio-Brotli - Patched by Root

Root has patched CVE-2025-6176 in the rootio-Brotli package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-61920 CVE-2025-61920 in rootio-Authlib - Patched by Root

Root has patched CVE-2025-61920 in the rootio-Authlib package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-57804 CVE-2025-57804 in rootio-h2 - Patched by Root

Root has patched CVE-2025-57804 in the rootio-h2 package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-27932 CVE-2026-27932 in rootio-joserfc - Patched by Root

Root has patched CVE-2026-27932 in the rootio-joserfc package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-69196 CVE-2025-69196 in rootio-fastmcp - Patched by Root

Root has patched CVE-2025-69196 in the rootio-fastmcp package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2023-25691 CVE-2023-25691 in rootio-apache-airflow-providers-google - Patched by Root

Root has patched CVE-2023-25691 in the rootio-apache-airflow-providers-google package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2025-6985 CVE-2025-6985 in rootio-langchain-text-splitters - Patched by Root

Root has patched CVE-2025-6985 in the rootio-langchain-text-splitters package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2022-30034 CVE-2022-30034 in rootio-flower - Patched by Root

Root has patched CVE-2022-30034 in the rootio-flower package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2023-22884 CVE-2023-22884 in rootio-apache-airflow-providers-mysql - Patched by Root

Root has patched CVE-2023-22884 in the rootio-apache-airflow-providers-mysql package for Root:PyPI. Multiple fixed versions available...

1zlab-emp-ide (=0.0.3), 1zlab-homepage (>=0.0.2 <=0.0.3) +11108 more potentially affected by CVE-2026-48587 via django (>=6.0.0 <=6.0.5)

django PYPI version =6.0.0, =0.0.2, =2.2.0, =0.1.0, =0.1.0.1, =0.1.1, =0.2.0, =0.0.4a0, =0.0.7, =0.1.10 and more Source cves: CVE-2026-48587 Source advisory: OSV:PYSEC-2026-198...

MAL-2026-5176 Malicious code in internal-tracker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e2d5962963c8d8a956fcb154caa77b63b09419f4f58ddb23e2afbb0cb98c6c79 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...