VDB
MAL-2026-1263
MAL-2026-1263
PUBLISHED
Malicious code in python-module-installer (PyPI)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PyPI | python-module-installer | 3.15.6, 3.15.7, 3.15.8 |
| PyPI | python-module-installer | 3.15.6, 3.15.8, 3.15.10 |
Timeline
- Mar 6, 2026 CVE Published
- Mar 6, 2026 CVE Updated
References
- https://github.com/Python-source-dev/python-module-installer url
- https://github.com/python-requirements/requirements url
- https://github.com/fewcatltd/zkSync/ url
- https://bad-packages.kam193.eu/pypi/package/python-module-installer url
- https://github.com/Python-source-dev/python-module-installer/commit/f58c60b95e98dc9ae8f0fb03ed8eaa5fa23e14cf fix