MAL-2026-6290 Malicious code in toorc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cfd36909e089f17439dd3227c6f5ccef2fef2964dc26bbdbaaef0481b54615d On pip install and even pip download, the package's setup.py overrides the install and egginfo commands to execute a RunCommand routine that serializ...

CVE-2025-50124

CVE-2025-50124 affects Schneider Electric EcoStruxure IT Data Center Expert (DCE) prior to version 9.0 (8.3 and earlier). The vulnerability stems from a Charon executable/configuration that can be abused by a low-privileged attacker to gain root privileges, enabling privilege escalation via local...