Malicious code in rblx-studio-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0984290664d514183109c836bea6a2bda03e33f89563accc6c79a51e281688f8 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2863 Malicious code in rblx-studio-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0984290664d514183109c836bea6a2bda03e33f89563accc6c79a51e281688f8 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2864 Malicious code in robase-setup (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3fcd831a04f3c23efde7a365717e715cec5c6fb5211d26e5d76ace539abb06bc During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in rblx-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 be690c2f32ad941003f8733406643848380c3918af421fa56c8ec0802b9c261d During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms

Summary Shell-wrapper detection missed env-argv assignment injection forms. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.2.22 = 2026.4.12 Impact Exec preflight handling missed shell-wrapper and argv-level environment assignment forms that could...

GHSA-J6C7-3H5X-99G9 OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms

Summary Shell-wrapper detection missed env-argv assignment injection forms. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.2.22 = 2026.4.12 Impact Exec preflight handling missed shell-wrapper and argv-level environment assignment forms that could...

Exploit for CVE-2026-29000

CVE-2026-29000: Proof of Concept PoC for pac4j-jwt Auth Bypa...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007625 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the...

MAL-2026-2821 Malicious code in robase-quick-install (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f69377c01d5c0980cb9bf905be35133e5cd077e7c64c577460dc06e3871c2d9e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Flowise: SSRF Protection Bypass via Unprotected Built-in HTTP Modules in Custom Function Sandbox

Summary A Server-Side Request Forgery SSRF protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via HTTPDENYLIST for axios and node-fetch libraries, the built-in Node.js http, https, and net modules are allowed in the NodeVM sandb...

Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)

Summary Flowise introduced SSRF protections through a centralized HTTP security wrapper httpSecurity.ts that implements deny-list validation and IP pinning logic. However, multiple tool implementations directly import and invoke raw HTTP clients node-fetch, axiosInstead of using the secured...

GHSA-QQVM-66Q4-VF5C Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)

Summary Flowise introduced SSRF protections through a centralized HTTP security wrapper httpSecurity.ts that implements deny-list validation and IP pinning logic. However, multiple tool implementations directly import and invoke raw HTTP clients node-fetch, axiosInstead of using the secured...

curl: Argument Injection via curl Short-Flag Grouping

This report details how the curl -os command facilitates an Argument Injection vulnerability in applications that wrap the curl command-line tool. The specific command curl -os /etc/passwd --url http://example.com demonstrates a subtle but dangerous behavior. Because -s silent follows -o output,...

Malicious code in robase-fallback (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a90a9e6e638fef782e18c99b5ab69341776385c7c7e6000af01a6b0fd2c3b0b6 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2563 Malicious code in robase-installer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1edd96cface7dcae9f445d94982ffc19a27e557fae7030e77e6e5646dfdd5c98 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in robase-installer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1edd96cface7dcae9f445d94982ffc19a27e557fae7030e77e6e5646dfdd5c98 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in robase-help (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b83143e22b0a815d6a2702f547ae9f4620ee086c8b9360a0d60ff2ed2186d56b During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2561 Malicious code in robase-help (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b83143e22b0a815d6a2702f547ae9f4620ee086c8b9360a0d60ff2ed2186d56b During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2559 Malicious code in databasesupalake (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 78dbe2b5e300604ea36dc85a6b0e9eae4e92b7b3729de10b3951f5e3bfc7729b During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2556 Malicious code in api-analysis (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3bf88cef3ca699f69bada95749b40c4426c9a9c528e53c473698be88cbdc783 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...