13243 matches found
Malicious code in enhancer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cefeea627aa1a0cc84aeedff1db0ae88ebf61b233bb9b20fa82b0a5fd0737cbf The distribution is published as enhancer but installs modules under the top-level safety namespace setup.py declares namespacepackages='safety' and...
MAL-2026-3608 Malicious code in mistralai (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
OPENSUSE-SU-2026:10760-1 python311-click-8.3.3-2.1 on GA media
These are all security issues fixed in the python311-click-8.3.3-2.1 package on the GA media of openSUSE Tumbleweed...
Google Says Hackers Used AI to Develop a Zero-Day Exploit
Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI...
Malicious code in xxx-bale (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1109b5dc74c94551027044e54e20f9c1c18f89d53da6af87861ba4773eae1966 The package contains code to install remotely stored malware and ensure its persistence. The code is not triggered automatically; it requires a separate trigge...
0lever-utils (>=0.0.2 <=0.0.7), 0xdegenmo-lighter-mcp (=0.1.1) +16104 more potentially affected by CVE-2026-44431 via urllib3 (>=1.23.0 <=2.6.3)
urllib3 PYPI version =1.23.0, =0.0.2, =0.3.0, =0.0.1a0, =2.3.84, =0.1.0, =1.1.2, =0.1.0, =0.1.0, =0.0.2, =0.0.5, =0.0.7 and more Source cves: CVE-2026-44431 Source advisory: SNYK:PYTHON-URLLIB3-16642024...
Malicious code in mpkg123 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 df9e0498d827adeb16ea11e4a1137133d2124f039942b776f7ac098a257cd164 If executed as a module, the obfuscated code collects and exfiltrates sensitive data, including passwords saved in a browser. --- Category: MALICIOUS - The...
Malicious code in xxoo-bale (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 74ce2be8301ccea70138e307282fbf70ede26eede2a531296145f7d0da695b80 The package contains code to install remotely stored malware and ensure its persistence. The code is not triggered automatically; it requires a separate trigge...
Malicious code in dlocal-cli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9cfdf8d83ac7dc528caac3292d1b02ba162629b349789149fbbfcb7094f778b0 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...
Malicious code in web3-py-checksum (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4b2052172f5c854b2e91f6bdc9336a97469cd161372621a1880d9cd1e3ad426a The code silently exfiltrates the private key of a crypto account. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
MAL-2026-3406 Malicious code in ggfmttygl-new (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2098233a75602dd1779f720f566420f4a88ec77694b206e7858323b5aeea38d5 Package is disguised as a utility, but in fact loads encrypted code as modules. However, loading it requires knowing the decryption key which is not included i...
Malicious code in ggfmttygl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e741cc1df48cc526ad3a27ac702f5dea403723557b4a485f84847340310d66e5 Package is disguised as a utility, but in fact loads encrypted code as modules. However, loading it requires knowing the decryption key which is not included i...
Malicious code in bttcli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ce4d4558612dd659843989e690b64a3c4073d5a4b34217c2e89a5325835da685 During installation or import, package silently adds a new authorized SSH key. It's closely related to the 2026-05-ninja-core-utils campaign, but there is no...
MAL-2026-3401 Malicious code in bttcli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ce4d4558612dd659843989e690b64a3c4073d5a4b34217c2e89a5325835da685 During installation or import, package silently adds a new authorized SSH key. It's closely related to the 2026-05-ninja-core-utils campaign, but there is no...
Malicious code in python-bittensor-config-v2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6f2ecdbc9e024d6dc51c8e5d48941c5aac432db65ad733317aed159d480973cd During installation or import, package silently adds a new authorized SSH key. It's closely related to the 2026-05-ninja-core-utils campaign, but there is no...
CVE-2026-42301 Improper Input Validation leading to Improper Control of Generation of Code ('Code Injection') in pyp2spec
pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, s...
EUVD-2026-28896
pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, s...
11x-wagtail-blog (>=0.0.0 <=0.2.0), adede (=4.1.0) +201 more potentially affected by CVE-2026-44199 via wagtail (>=1.0.0 <=7.0.0)
wagtail PYPI version =1.0.0, =0.0.0, =0.57.1, =0.1.0a0.dev0, =4.1.0, =4.3.0, =2.28.0, =0.5.0, =0.3.1, =6.3.8 and more Source cves: CVE-2026-44199 Source advisory: OSV:GHSA-PWM3-7FV4-G6XX...
CVE-2026-6019 vulnerabilities
Vulnerabilities for packages: python...
GHSA-2755-2MM4-RM5C vulnerabilities
Vulnerabilities for packages: python...