MAL-2026-5 Malicious code in queryservice-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 92aafbccc7065760e0127931c5150c59561f3b753ab9fe79dbcbdafd1aef97dc Dependency confusion PoC that exfiltrates also potentially sensitive environment variables --- Category: MALICIOUS - The campaign has clearly malicious intent,...

MAL-2026-1 Malicious code in sfnt2woff-zopfli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f372716a5cf92b41a37e0d7a83e287a41fcaca77b3cf9a324554c20a86635d8a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in sfnt2woff-zopfli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f372716a5cf92b41a37e0d7a83e287a41fcaca77b3cf9a324554c20a86635d8a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

PT-2026-8137

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the DAMON sysfs interface. Specifically, when a DAMOS-scheme DAMON sysfs directory setup fails after the creation of the access pattern...

PT-2026-26114

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's UDP GRO Generic Receive Offload complete stage. The UDP GRO complete stage incorrectly assumes that the encapsulation flag is zeroed for all packets...

PT-2026-26117

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the net/liquidio module related to memory management during device setup and cleanup. Specifically, a flaw exists in the setup nic devices...

PT-2026-26118

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where the netdev pointer is not initialized before queue setup in the setup nic devices function. Specifically, the pointer to the network device...

PT-2026-26116

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to the liquidio component. Specifically, a flaw was identified in the setup nic devices function where an off-by-one error in the cleanup loop...

PT-2026-8155

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the octep device setup function within the Linux kernel. Specifically, if octep ctrl net init fails, the function returns without releasing allocated memory and...

PT-2026-27649

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to ethernet functionality within the mtk eth soc module. Specifically, the issue concerns the handling of the eBPF program pointer during the mt...

PT-2026-8166

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc6+ Description The Linux kernel contained a use-after-free flaw within the bonding driver. This issue occurs due to enslave failure after a new slave is added to the array. Specifically, the new slave ca...

Exploit for Deserialization of Untrusted Data in Facebook React

CyberSec Blog CTF - React2Shell PoC Ce dépôt fournit un envir...

Malicious code in accesspdp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 11c8d523da4caf20e4a8a37285ab51a94173b2270777bb074878fdec62dee115 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-193006 Malicious code in accesspdp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 11c8d523da4caf20e4a8a37285ab51a94173b2270777bb074878fdec62dee115 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in brolool4141412 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 26b5ad1d170ede931c108f8a9d4342347b2983ae9fc5330b25ddb1dcc4132eb7 Package tests possible malicious actions during installation by starting notepad. There is no other functionality, it's clearly a test of possible malicious...

Malicious code in broooxddd1414 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 96d927b6bf59d0d5aeea78de6b99df11c32ad0e467da980917a16703d5a1c0d1 Package tests possible malicious actions during installation by starting notepad. There is no other functionality, it's clearly a test of possible malicious...

MAL-2025-192990 Malicious code in broooxddd1414 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 96d927b6bf59d0d5aeea78de6b99df11c32ad0e467da980917a16703d5a1c0d1 Package tests possible malicious actions during installation by starting notepad. There is no other functionality, it's clearly a test of possible malicious...

Malicious code in weorewfoi2393 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 00296490bb9bcec28af256a76790f8c5f96dd45d4184ac6617bbdffad3e674a3 Package tests possible malicious actions during installation by starting notepad. There is no other functionality, it's clearly a test of possible malicious...

MAL-2025-192993 Malicious code in weorewfoi2393 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 00296490bb9bcec28af256a76790f8c5f96dd45d4184ac6617bbdffad3e674a3 Package tests possible malicious actions during installation by starting notepad. There is no other functionality, it's clearly a test of possible malicious...

MAL-2025-192992 Malicious code in umap (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f6dd42f96f818641d94fd4a2085dfd1071b6ce3fa44a3f05b785245ab4d1c886 Simple dependency confusion test. Versions before 0.1.2 do not perform any active action. The original umap package existed in the past, but was removed by the...