VDB
MAL-2026-2400
MAL-2026-2400
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Malicious code in kube-node-health (PyPI)
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PyPI | kube-node-health | 1.0.0, 1.0.0 |
Timeline
- Apr 1, 2026 CVE Published
- Apr 22, 2026 CVE Updated
References
- https://github.com/gibunxi4201/kube-node-diag url
- https://inspector.pypi.io/project/kube-health-tools/1.0.9/packages/ab/41/abea82b56e7ac3b06c15fc7760f6857df6fc9b4739254b362c2bbeaf6fb7/kube_health_tools-1.0.9-py3-none-any.whl/kube_health/__init__.py#line.32 url
- https://inspector.pypi.io/project/kube-health-tools/1.0.9/packages/ab/41/abea82b56e7ac3b06c15fc7760f6857df6fc9b4739254b362c2bbeaf6fb7/kube_health_tools-1.0.9-py3-none-any.whl/kube_health/__init__.py#line.47 url
- https://inspector.pypi.io/project/kube-health-tools/1.0.11/packages/35/54/8be76acf54f2401a8ca6984cd548caf9eaf75feab5be3d4b231078db4d9d/kube_health_tools-1.0.11-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl/kube_health/__init__.c#line.3922 url
- https://www.virustotal.com/gui/file/fe3f5d15951b25654f14045de3181ec6630a0ba65add8a65309b01c8324387f1/detection evidence
- https://bad-packages.kam193.eu/pypi/package/kube-node-health url
- https://www.aikido.dev/blog/gpt-proxy-backdoor-npm-pypi-chinese-llm-relay url