MAL-2025-192392

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/ajenti-plugin-testing-pyld/MAL-2025-192392.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-192392
Published
2025-12-09T18:32:50Z
Modified
2025-12-31T02:52:14.214846Z
Summary
Malicious code in ajenti-plugin-testing-pyld (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: kam193 (8f75e248c6b93183d9fb3295781e0ffda38ca1afa25cefb866205312f2a78cfd)

Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm.

Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.

Campaign: GENERIC-simple-tests

Reasons (based on the campaign):

  • The package overrides the install command in setup.py to execute malicious code during installation.
Database specific 
{
    "malicious-packages-origins": [
        {
            "sha256": "8f75e248c6b93183d9fb3295781e0ffda38ca1afa25cefb866205312f2a78cfd",
            "import_time": "2025-12-09T19:35:12.23631851Z",
            "modified_time": "2025-12-09T18:32:50.64765Z",
            "versions": [
                "1.1.1"
            ],
            "id": "pypi/GENERIC-simple-tests/ajenti-plugin-testing-pyld",
            "source": "kam193"
        },
        {
            "sha256": "c9f06b3dac61d0bab3271459da521514201b4b69826b7edd9a33d793e870e03f",
            "import_time": "2025-12-12T23:07:31.785339875Z",
            "modified_time": "2025-12-12T22:42:32.079289Z",
            "versions": [
                "1.1.1",
                "0.0.1",
                "0.99.999"
            ],
            "id": "pypi/GENERIC-simple-tests/ajenti-plugin-testing-pyld",
            "source": "kam193"
        },
        {
            "sha256": "d21d0d38383da324a45399ec777f707a273e0261264c43bab20431eda37f951d",
            "import_time": "2025-12-12T21:06:42.549224766Z",
            "modified_time": "2025-12-12T20:28:04.371094Z",
            "versions": [
                "1.1.1",
                "0.0.1"
            ],
            "id": "pypi/GENERIC-simple-tests/ajenti-plugin-testing-pyld",
            "source": "kam193"
        },
        {
            "sha256": "4c039df8ba9e4f40162ee73b3cf93b5ea41f16caf89cee8f99b94124cf227a99",
            "import_time": "2025-12-30T22:39:04.263932925Z",
            "modified_time": "2025-12-12T22:42:32.079289Z",
            "versions": [
                "0.0.1",
                "0.99.999",
                "1.1.1"
            ],
            "id": "pypi/GENERIC-simple-tests/ajenti-plugin-testing-pyld",
            "source": "kam193"
        }
    ]
}
References
Credits

Affected packages

PyPI / ajenti-plugin-testing-pyld

Package

Name
ajenti-plugin-testing-pyld
View open source insights on deps.dev
Purl
pkg:pypi/ajenti-plugin-testing-pyld

Affected ranges

Affected versions

0.*
0.0.1
0.99.999
1.*
1.1.1

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/ajenti-plugin-testing-pyld/MAL-2025-192392.json"