Lucene search
13250 matches found

OSSF Malicious Packages
added 2026/02/03 9:32 a.m., 8 views

Malicious code in tokyo-ppe-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c5907d5bd4d20875048608d41ca58ea06687c84a0c7804cc83f3c3d706ff5fe4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score 5.6
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/02/03 9:15 a.m., 8 views

Malicious code in pathfiles (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a96d53709493a07432f8619b9ca322fef0fb4bf9080a02da7e8f6bc03353b3c0 Disguised as file system manipulation library, the package hides an obfuscated code to communicate with a Telegram channel. Though the usage is not known at th...

AI score 5.4
Exploits: 0, References: 1

SUSE CVE
added 2026/02/03 12:24 a.m., 4 views

SUSE CVE-2026-1703

When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...

CVSS 3.1, AI score 5.4, EPSS 0.0039
Exploits: 1, References: 8

vulnersOsv
added 2026/02/02 11:24 p.m., 2 views

amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), anymodality (=0.1.0) +26 more potentially affected by CVE-2026-1778 via sagemaker (>=2.0.0 <=2.254.1)

sagemaker PYPI version =2.0.0, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =1.0.0, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =1.0.1 and more Source cves: CVE-2026-1778 Source advisory: SNYK:PYTHON-SAGEMAKER-15182756...

CVSS 8.2, AI score 5.8, EPSS 0.00244
Exploits: 0

OSV
added 2026/02/02 3:16 p.m., 5 views

AZL-76496 CVE-2026-1703 affecting package python-virtualenv 20.26.6-2

When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...

CVSS 2, AI score 5.7, EPSS 0.0039
Exploits: 1, References: 1

OSV
added 2026/02/02 3:16 p.m., 5 views

CVE-2026-1703

When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...

CVSS 2, AI score 5.4
Exploits: 0, References: 3

OSV
added 2026/02/02 3:16 p.m., 4 views

AZL-76599 CVE-2026-1703 affecting package python3 3.12.9-9

When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...

CVSS 2, AI score 5.7, EPSS 0.0039
Exploits: 1, References: 1

OSSF Malicious Packages
added 2026/02/02 2:44 p.m., 6 views

Malicious code in cat-admin-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 34286533490c9ad41743b1eea6659d9c4fd3e62d1a830658b90840f3c49a6c8c Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...

AI score 5.5
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/02/02 9:8 a.m., 8 views

Malicious code in callapirequests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6e7fadeb48347b57805dea2f58d0f662e43170e0e4439a424f6dec66cf285452 Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

AI score 5.4
Exploits: 0, References: 2

OSSF Malicious Packages
added 2026/02/02 6:52 a.m., 7 views

Malicious code in connections-api-request (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cbd9a8004eda10de0059f97712efe95c76e4302c5da5ff83e7fe3bdd3abd381b Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

AI score 5.4
Exploits: 0, References: 2

OSV
added 2026/02/02 6:52 a.m., 4 views

MAL-2026-640 Malicious code in connections-api-request (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cbd9a8004eda10de0059f97712efe95c76e4302c5da5ff83e7fe3bdd3abd381b Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

AI score 5.4
Exploits: 0, References: 2

OSSF Malicious Packages
added 2026/02/02 6:49 a.m., 6 views

Malicious code in connection-api-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1e1edf0790733aa25ad085b523a095b1ee4abee84eca696bbcaf1682cca2c2ad Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

AI score 5.4
Exploits: 0, References: 2

OSV
added 2026/02/01 9:0 p.m., 6 views

MAL-2026-624 Malicious code in hultine (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c6e91ab35953cced9cf886a16976bb282de1dcf804938f4179a2dcf8dc1af731 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...

AI score 5.9
Exploits: 0, References: 1

OSV
added 2026/02/01 7:14 p.m., 4 views

MAL-2026-621 Malicious code in base-local-planner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c0cb640a181ee8e6c31d4f0f87e8768b7a67b70174dd65794e8d980909eac8a3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score 6
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/02/01 10:15 a.m., 8 views

Malicious code in wandb-widget (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 055598effefa8c10844b4dd82763ed5786623a04789583ed67d9a32e9342d45c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score 6
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/01/31 2:9 a.m., 7 views

Malicious code in mkdocs-dataopslive (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4d8685e053f4695197aa6f21d1fbdad08a1162352aa913aff91ea9753036529 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...

AI score 5.9
Exploits: 0, References: 1

OSV
added 2026/01/31 2:9 a.m., 5 views

MAL-2026-614 Malicious code in mkdocs-dataopslive (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4d8685e053f4695197aa6f21d1fbdad08a1162352aa913aff91ea9753036529 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...

AI score 5.9
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/01/30 11:26 p.m., 12 views

Malicious code in fastpi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2928970260fda87aaa57272b8042ae1a9661ad1a1bdeec1e73903e84ce3354cd Malicious copy of the legitimate FastAPI. The modification loads code encrypted in one of the attached files. The final, highly obfuscated code is most likely...

AI score 6
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/01/30 10:14 a.m., 11 views

Malicious code in userver-requires-at-least-python-3-10 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 482925eb73388f3c834ceef6db5714f819970521367f7129878e38afbaa08bf0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score 6
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/01/29 1:57 p.m., 6 views

Malicious code in theanswre (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3a5007e2f06a55345366f95d0073e9980436e74745540a4e9b43c8a1836c4bef The OpenSSF Package Analysis project identified 'theanswre' @ 0.2.4 pypi as malicious. It is considered malicious because: - The package execute...

AI score 5.9
Exploits: 0