VDB
GHSA-955r-262c-33jc
GHSA-955r-262c-33jc
PUBLISHED
CVSS 8.600000381469727 HIGH
Telnyx has malicious code in PyPI versions 4.87.1 and 4.87.2
Risk Scores
CVSS 4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PyPI | telnyx | 4.87.1, 4.87.1, 4.87.1 |
Exploit Intelligence
- **Scanner automatizado para la detección de indicadores de compromiso (IOCs) asociados al ataque a la cadena de suministro TeamPCP (CVE-2026-33634)** (github-poc-repo)
- **Scanner automatizado para la detección de indicadores de compromiso (IOCs) asociados al ataque a la cadena de suministro TeamPCP (CVE-2026-33634)** (github-poc-repo)
- **Scanner automatizado para la detección de indicadores de compromiso (IOCs) asociados al ataque a la cadena de suministro TeamPCP (CVE-2026-33634)** (github-poc-repo)
- Companion source for YouTube video "Stop Mounting docker.sock — Run Trivy Without Giving Away Root Access — (inspired by CVE-2026-33634)" (github-poc-repo)
- Companion source for YouTube video "Stop Mounting docker.sock — Run Trivy Without Giving Away Root Access — (inspired by CVE-2026-33634)" (github-poc-repo)
- Companion source for YouTube video "Stop Mounting docker.sock — Run Trivy Without Giving Away Root Access — (inspired by CVE-2026-33634)" (github-poc-repo)
- Companion source for YouTube video "Stop Mounting docker.sock — Run Trivy Without Giving Away Root Access — (inspired by CVE-2026-33634)" (github-poc)
- Companion source for YouTube video "Stop Mounting docker.sock — Run Trivy Without Giving Away Root Access — (inspired by CVE-2026-33634)" (github-poc)
- Companion source for YouTube video "Stop Mounting docker.sock — Run Trivy Without Giving Away Root Access — (inspired by CVE-2026-33634)" (github-poc)
- **Scanner automatizado para la detección de indicadores de compromiso (IOCs) asociados al ataque a la cadena de suministro TeamPCP (CVE-2026-33634)** (github-poc)
…and 49 more exploits
Timeline
- Mar 30, 2026 CVE Published
- Apr 9, 2026 PoC Published
References
- https://github.com/team-telnyx/telnyx-python/security/advisories/GHSA-955r-262c-33jc url
- https://github.com/team-telnyx/telnyx-python/issues/235 url
- https://github.com/team-telnyx/telnyx-python package
- https://ramimac.me/teampcp url
- https://www.endorlabs.com/learn/teampcp-strikes-again-telnyx-compromised-three-days-after-litellm url
- Telnyx has malicious code in PyPI versions 4.87.1 and 4.87.2 advisory