agentic-ai-vass-tools (>=0.1.0 <=0.4.0), agenticos (>=0.0.1 <=0.0.3.155020) +24 more potentially affected by CVE-2026-2285 via crewai-tools (>=0.12.1 <=1.11.0)

crewai-tools PYPI version =0.12.1, =0.1.0, =0.0.1, =0.2.0, =0.1.7, =0.2.6, =0.1.0, =0.5.42, =0.74.0, =0.0.6, =0.0.2, =0.1.0.dev7, =0.1.1.dev6 and more Source cves: CVE-2026-2285 Source advisory: SNYK:PYTHON-CREWAITOOLS-15922426...

Malicious code in spanner-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 659a15d63f794432104121cf729687768f76fa3dadd0b4ae9d8c9327021122af Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-2304 Malicious code in spanner-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 659a15d63f794432104121cf729687768f76fa3dadd0b4ae9d8c9327021122af Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in prodaccess (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 71f3b91c61448eb2dee3cfb46f56b4e38dab0202af78c52163d5b6ab98e85c2d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in dremel (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 27df3a2ebf6e129a3e640d55b9dd03b5f21cef1694cd6ccdae97e456f098ce2c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-2301 Malicious code in dremel (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 27df3a2ebf6e129a3e640d55b9dd03b5f21cef1694cd6ccdae97e456f098ce2c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in loas (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0177c14c2fb08f69729838152272244428733a8e3682c3cbdc6780ea2fab6e38 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-2302 Malicious code in loas (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0177c14c2fb08f69729838152272244428733a8e3682c3cbdc6780ea2fab6e38 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

SUSE: Security Advisory (SUSE-SU-2026:1090-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2026:1076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-5239-WWWM-4PMQ vulnerabilities

Vulnerabilities for packages: ansible-operator-fips, neuvector-manager, label-studio, datadog-agent, jupyter-base-notebook, litellm, datadog-agent-fips, tensorflow-cpu-jupyter, apache-beam-python-3.11-sdk, awx, nemo, az, airflow-core, ggshield, mycli, datahub-ingestion, text-generation-inference,...

Malicious code in hiveos (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 632c5c53f72df87d7b0d9843df212e147e729699ffe5e7f6c20e3cd41fa13f64 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +23 more potentially affected by unknown CVE via opencc (>=0.2.0 <=1.1.9)

opencc PYPI version =0.2.0, =0.3.0, =0.8.0, =0.1.0, =1.1.0, =0.0.1, =0.0.1, =1.0.0, =1.0.8 - nemo-curator =0.5.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-7FQQ-Q52P-2JJG...

MAL-2026-2291 Malicious code in pychatz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 adc76f6c0051f3b8b31b378b6b6078e553750338e2489de9de83315bea349657 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-2292 Malicious code in safecheckit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 84f17b127af2c89551ea0059e4741da3fb5158405fbeabf042f7d5d89a098b21 During installation the package downloads and installs two executables identified as backdoors trojans. --- Category: MALICIOUS - The campaign has clearly...

Malicious code in iwantsafecheckit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c982c88e841ae349f894f45b27e07f7154a252963ec05ff8e9536f46102e6ecf During installation the package downloads and installs two executables identified as backdoors trojans. --- Category: MALICIOUS - The campaign has clearly...

MAL-2026-2290 Malicious code in iwantsafecheckit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c982c88e841ae349f894f45b27e07f7154a252963ec05ff8e9536f46102e6ecf During installation the package downloads and installs two executables identified as backdoors trojans. --- Category: MALICIOUS - The campaign has clearly...

MAL-2026-2283 Malicious code in interwebz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 02fa95914b7edc63771b97f48f4e05119f87309224b5e9b5aa990ab6dda8acc2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-2281 Malicious code in roboats-addition (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f9c3e8c3efcca9a56765d765638b1f7a25769a8a94693c4f391804337be55fcf During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in roboat-additions (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1af64a27f6bd87cbd380cb838d6c8c06696f9497c246fe348d5af1bbc17f6122 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...