VDB
MAL-2026-2280
MAL-2026-2280
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Malicious code in roboat-additions (PyPI)
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PyPI | roboat-additions | 0.0.1, 0.0.1, 0.0.1 |
Timeline
- Mar 28, 2026 CVE Published
- May 3, 2026 CVE Updated
References
- https://www.virustotal.com/gui/file/9f14d239ab8f1289bc7aedeb67d3d72b467ee6c11b201890ab14c5c4f7c175d2/detection evidence
- https://bad-packages.kam193.eu/pypi/package/roboat-additions url
- https://www.virustotal.com/gui/file/48b108261d5de97a42eff81cf1a60a32286f72bf8b5f130959e0daa86b783608 evidence
- https://www.virustotal.com/gui/file/ef20289b52ab23ec23c5ff885a2293523ce8456fb00e3d67f1b084c28f7d282a/detection evidence
- https://github.com/Addi9000/roboat/blob/331166c8ea3bd080f08fe6d571202e3b47017ed7/README.md#L31 url
- https://github.com/Addi9000/roboat/commit/331166c8ea3bd080f08fe6d571202e3b47017ed7 url
- https://github.com/Addi9000 url
- https://github.com/RoCruise url
- https://www.roboat.pro/ url