CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2025/10/02 5:41 a.m.•4 views

Malicious code in emoted (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1c1542aa2ac34ff34c8c27bcfa0753cb100f1779f8b6acf274ed21c36866b795 Obfuscated code contains e.g. capabilities for downloading and executing code from a hardcoded location. It's also recognized as malware --- Category: MALICIOU...

7.3AI score

OSV•added 2025/10/02 5:41 a.m.•3 views

MAL-2025-48890 Malicious code in emoted (PyPI)

7.2AI score

vulnersOsv•added 2025/10/01 9:31 p.m.•3 views

aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1436 more potentially affected by CVE-2025-59681 via django (>=5.2.0 <=5.2.6)

django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.1.0 and more Source cves: CVE-2025-59681 Source advisory: SNYK:PYTHON-DJANGO-13179650...

9.8CVSS7.1AI score0.00583EPSS

OSV•added 2025/10/01 10:11 a.m.•3 views

MAL-2025-47875 Malicious code in tikweb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 56e420aab6cf451bf10ab865d2950af02e45914f0a7618355f7ee8384ddcd858 This malicious package claims to interact with TikTok web features programmatically, but runs malicious obfuscated code upon import and via other...

7.2AI score

OSSF Malicious Packages•added 2025/10/01 6:38 a.m.•4 views

Malicious code in regixtest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5bd4402c3382436a949c662f36088697ac7a3a0fd22e2c91fdf2102231e2392c Obfuscated code contains e.g. capabilities for downloading and executing code from a hardcoded location. It's also recognized as malware --- Category: MALICIOU...

7.3AI score

OSV•added 2025/10/01 6:38 a.m.•3 views

MAL-2025-48896 Malicious code in regixtest (PyPI)

7.2AI score

OSSF Malicious Packages•added 2025/09/30 7:3 p.m.•3 views

Malicious code in bioql (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2c883d47bd0d35130e4d53d9fc0f96211a30f4a62ad8a4490431ae9a1adaed8f The OpenSSF Package Analysis project identified 'bioql' @ 3.0.2 pypi as malicious. It is considered malicious because: - The package communicate...

OSV•added 2025/09/30 7:3 p.m.•3 views

MAL-2025-47868 Malicious code in bioql (PyPI)

OSSF Malicious Packages•added 2025/09/28 3:35 p.m.•4 views

Malicious code in propeller-solver-core (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a79fc2ce4f8dbef3a36ad1dcf36011f9d86435f347aa81ed601295d75e818b04 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3AI score

OSV•added 2025/09/27 8:14 a.m.•3 views

MAL-2025-48908 Malicious code in tronlastpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 45dfbc47ce737fe6b6913f21effbdaebc4a156b837c598449f0f96a6b15754a3 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

OSSF Malicious Packages•added 2025/09/27 8:14 a.m.•4 views

Malicious code in tronlastpy (PyPI)

OSSF Malicious Packages•added 2025/09/26 11:50 p.m.•4 views

Malicious code in tronlast (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8b8fb3ac2b3c204497c05a7ac21606b47fea8209c79762e816f4016602aafe8b Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

OSV•added 2025/09/26 11:50 p.m.•3 views

MAL-2025-48907 Malicious code in tronlast (PyPI)

OSV•added 2025/09/26 11:7 p.m.•4 views

MAL-2025-191787 Malicious code in matplotliv (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 491ff5ae8247837ff9be18d46366f453395dab2413f44f6251aff0b271f7d25b Typosqatting package collecting, but not exfiltrating thus fulfiling the educational promise, sensitive data --- Category: PROBABLYPENTEST - Packages looking...

OSV•added 2025/09/26 4:20 p.m.•8 views

MAL-2025-191872 Malicious code in soopsocks (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 adcaa2cfcfa52c7c1ed664a9389ba0bd0ddd2716ea4c475b22bcd2f62bc1ab95 The package promise creating a SOCKS proxy and report the server to a Discord webhook. And indeed appears to do so, but the attached autorun service seems to b...

OSSF Malicious Packages•added 2025/09/26 3:42 p.m.•6 views

Exploits0References3

Malicious code in netkit-lite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b4f77a4b324adb21fdeb5020c213d4ad7d72eefe9f26ee0c134a1cc8544255e9 Project is intended only for presenting dependency confusion and exfiltrates basic data --- Category: PROBABLYPENTEST - Packages looking like typical pentest...

7.1AI score

OSV•added 2025/09/26 3:42 p.m.•6 views

MAL-2025-48895 Malicious code in netkit-lite (PyPI)

7AI score

OSSF Malicious Packages•added 2025/09/26 9:14 a.m.•4 views

Malicious code in worldnex (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7AI score