7921 matches found
Malicious code in pipinpeace-env (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b76166abb6c7173f1cc74e41509f4ded1be2de5cea682016e00001e4e23b75a9 Package is designed to exfiltrate env variables during installation. However, it requires providing a URL as an installation parameter, which suggests it's mor...
EUVD-2019-19967
Easy Chat Server 3.1 contains a denial of service vulnerability that allows remote attackers to crash the application by sending oversized data in the message parameter. Attackers can establish a session via the chat.ghp endpoint and then send a POST request to body2.ghp with an excessively large...
MAL-2026-2013 Malicious code in nump (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 daf533091c2cd6d2ae82e47f2ba9264b23395105f9c088018560c13cea33801f Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...
UBUNTU-CVE-2019-25544
Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the application by providing an excessively long username string during account creation. Attackers can input a buffer of 1000 characters in the username field and trigger a crash when joining a chat,...
Malicious code in mangrove-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d6714958f20775c2347e9c8b606d1de2e28ed29fe4b1a82261ca4fb966fc20fa During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...
MAL-2026-2006 Malicious code in mangrove-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d6714958f20775c2347e9c8b606d1de2e28ed29fe4b1a82261ca4fb966fc20fa During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...
Malicious code in efghr-honeybee-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e77e2d0088390e5dc421f70a65ade331bfbf554afcc9cc42362098d0ed130692 During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...
MAL-2026-2005 Malicious code in efghr-honeybee-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e77e2d0088390e5dc421f70a65ade331bfbf554afcc9cc42362098d0ed130692 During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...
Malicious code in flyio-token-client-efgh (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2b09830263d8a35450ca657294a1725c441f2f7fe49cc7946e261e8f18401464 During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...
MAL-2026-2004 Malicious code in flyio-token-client-efgh (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2b09830263d8a35450ca657294a1725c441f2f7fe49cc7946e261e8f18401464 During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...
CVE-2026-33179
libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a NULL pointer dereference and memory leak in fuseuringinitqueue allows a local user to crash the FUSE daemon or cause resource exhaustion. When numaalloclocal fails during iouring queue entry...
Malicious code in init2winit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7eb9b716534151a8d16432102f52af1e6f61f9701b86efba4294cdc0e18ceaea Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1989 Malicious code in init2winit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7eb9b716534151a8d16432102f52af1e6f61f9701b86efba4294cdc0e18ceaea Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in airio (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d6edae69303a2c992df68a1743104255c7de6aa8beba5f7b37eb9b91707789d9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in nsscache (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f799f92bcb0f24e47655a4a38d97a8981bad8f31f28f7d82a5378ae8aa0f1c74 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1991 Malicious code in nsscache (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f799f92bcb0f24e47655a4a38d97a8981bad8f31f28f7d82a5378ae8aa0f1c74 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1994 Malicious code in spatialmedia (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a092215ab076cff12b7606adbc678a0340701124b7e10d747c6b8aca8d5fed7e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in pubsub2inbox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bf686448f618fa764676453e2c0b7436f7c50c2043cc2734d2fcc142fb86f951 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1992 Malicious code in perfkitbenchmarker (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0983513b915ec02c736c073b1af861f5ff6b1e62bf2074b42a33e8d5fa16bb46 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in composer-dev (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7be3393e5cd932abe1668adaa58f526e25b1a6ab2ef4945eadeb60e68493c7ef Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...