PYSEC-2026-96
A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The unzipiter function in nltk/downloader.py uses zipfile.extractall without performing path validation or security checks. This allows attackers to craft malicious zip packages that, when...
OPENSUSE-SU-2026:10222-1 python312-3.12.12-5.1 on GA media
These are all security issues fixed in the python312-3.12.12-5.1 package on the GA media of openSUSE Tumbleweed...
MAL-2026-932 Malicious code in easyreg (PyPI)
Source: kam193 2897582bf6c0c29d4fc679ee338263019a8a5d5bcb66b5ae2c59454d6c967d6a The package pretends to be a development helper but, in fact, downloads a remote executable. Dynamic analysis reveals actions like disabling Windows Defender a...
MAL-2026-931 Malicious code in telebot-infe (PyPI)
Source: kam193 590d96b39de125e4d96c7b88fdc57ef5257eddbf8277011e51c84e1500302aaf The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
MAL-2026-930 Malicious code in telebot-info (PyPI)
Source: kam193 61aec9d37a402659928293fb6a151f72f9de1194a73a519f7e1595e5ed5b719b The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
Malicious code in polyutil (PyPI)
Source: kam193 31a0fc68eee0841a78740fd3e3748171612b871b58bf9f3e52b4fa35bed64774 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...
RockyLinux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2023:7034)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7034 advisory. python: tarfile module directory traversal CVE-2007-4559 python-requests: Unintended leak of Proxy-Authorization header CVE-2023-32681 Tenable has...
python311-pip-26.0.1-1.1 on GA media (moderate)
python311-pip-26.0.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10210-1 Rating: moderate Cross-References: CVE-2026-1703 CVSS scores: CVE-2026-1703 SUSE : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-1703 SUSE : 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA...
Malicious code in cicibot-fix-message-naming (PyPI)
Source: kam193 7fb20d1d9da8ede0270346034bb6fdca56ef578e35a73b4cb0301664ab4a27ab Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in aliyun-python-sdk-v2 (PyPI)
Source: kam193 29bd2455a576643c51939bd166abab847afd04c3142b576e3f9f0c7978763181 Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...
Malicious code in alibabacloude (PyPI)
Source: kam193 c45df7f85cfaba4bf141f0a17ba2d0987e080131bab1f1233798a1287d63fa7f Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...
MAL-2026-915 Malicious code in alibabacloud-code-tool (PyPI)
Source: kam193 5e4d81a71d0710ac3618ec41e8027ee6a96ae9845ca67b33b950c8d99d8d2e8a This package impersonates Alibaba Cloud account and contains highly obfuscated code. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-913 Malicious code in groq-ppe-pkg (PyPI)
Source: kam193 517d20a09a1e53ce02484aa25ab2483ef75022e96f76d72fe3125bc1e16a359d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-912 Malicious code in http-request-toolkit (PyPI)
Source: kam193 13b29a753802db633ab987963543535999a246049761d4d29699b66edf207f13 During import, the package masquerades and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...
MAL-2026-911 Malicious code in malpkgv2-0 (PyPI)
Source: oracle-using-macaron 1f614e8ee6cce92be8b98394967c253336c0145808962bfda5032f085ece4eef This package executes arbitrary commands, steals sensitive data, exfiltrates credentials, and uses obfuscation techniques...
nfstream 6.6.0
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...
MAL-2026-910 Malicious code in dns-execution-test (PyPI)
Source: kam193 4fc1fd65caa9c7f199fba16c9d3772c7db895ed78b29130a7ddc3347a4b34ba7 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2026-904 Malicious code in strands-agents-anthropic (PyPI)
Source: kam193 b86e2f5ba17218d5e9377627cc2c437009cc3dc7c6615c87b8317995614288c6 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
python314-3.14.3-1.1 on GA media (moderate)
python314-3.14.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10206-1 Rating: moderate Cross-References: CVE-2025-12781 CVE-2025-15282 CVE-2025-15366 CVE-2025-15367 CVE-2026-0672 CVE-2026-0865 CVE-2026-1299 CVSS scores: CVE-2025-12781 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N...
Malicious code in crc32fast (PyPI)
Source: kam193 3b89c674974bf58c7388a27bf1c6ea954a890de45a3e9ba4830c1eada3a3ea6a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...