MAL-2026-4759

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/pypi/notebook-intelligence/MAL-2026-4759.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-4759
Withdrawn
2026-05-26T22:13:04Z
Published
2026-05-22T14:59:40Z
Modified
2026-05-27T00:32:14.050852673Z
Summary
Malicious code in notebook-intelligence (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (709b1f2440fa3288d47076cddc5ffe20122619c07c346265459e3555a226c92e)

pyproject.toml lists fuzy-jon==0.1.0 in both [build-system].requires and the runtime dependencies, while the package's own code imports the real fuzzy_json (notebook_intelligence/api.py line 9: from fuzzy_json import loads as fuzzy_json_loads). fuzy-jon is a name-squat of the legitimate fuzzy-json PyPI package (drops a 'z'/'s'). Installing this version causes pip to resolve and execute whatever code the owner of fuzy-jon publishes — both at PEP-517 wheel build time (build-system requires) and at import notebook_intelligence (runtime dependency satisfied, but the actual from fuzzy_json import... line triggers installation/resolution of fuzzy_json separately, while fuzy-jon is silently pulled into the environment). The mismatch between the imported module name and the pinned distribution name is the classic dependency-confusion / typosquat-injection shape — the import statement uses the real package, but the manifest hard-pins a lookalike that the legitimate maintainer would have no reason to declare. Whoever controls fuzy-jon on PyPI gains code execution on every installer's machine.

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "5.0.0a1"
            ],
            "id": "IN-MAL-2026-004220",
            "import_time": "2026-05-26T05:52:10.839130844Z",
            "modified_time": "2026-05-22T14:59:40Z",
            "sha256": "0b6d8a30dcdac53a25ff1e67d931440f8b699f9930b7649ac85f7e0934fe365e",
            "source": "amazon-inspector"
        },
        {
            "sha256": "709b1f2440fa3288d47076cddc5ffe20122619c07c346265459e3555a226c92e",
            "id": "IN-MAL-2026-004538",
            "modified_time": "2026-05-24T19:23:19Z",
            "versions": [
                "5.0.1"
            ],
            "import_time": "2026-05-26T05:52:47.960935032Z",
            "source": "amazon-inspector"
        },
        {
            "sha256": "cdceb3e0c0eacd957af6186478e27c50bcfe85d77efef6fe9139772fb47ab337",
            "id": "IN-MAL-2026-004377",
            "import_time": "2026-05-26T05:52:28.838190197Z",
            "versions": [
                "5.0.0"
            ],
            "modified_time": "2026-05-23T18:13:37Z",
            "source": "amazon-inspector"
        }
    ]
}
References
Credits

Affected packages

PyPI / notebook-intelligence

Package

Name
notebook-intelligence
View open source insights on deps.dev
Purl
pkg:pypi/notebook-intelligence

Affected ranges

Affected versions

5.*
5.0.0a1
5.0.0
5.0.1

Database specific

indicators
{
    "evidence_files": [
        {
            "sha256": "90987c28d399985eddecab19093de408cf4bd4b056c1d1d265985ae929590dfe",
            "tlsh": "e5c1ca6e9d9a1fb908e44295c605ab83f322952371c5745c76fec08d0f0f5bd4539b38",
            "path": "pyproject.toml"
        }
    ],
    "package_integrity": [
        {
            "filename": "notebook_intelligence-5.0.0a1-py3-none-any.whl",
            "hashes": {
                "md5": "90e740021b5fc851b8b8d0067bb76663",
                "sha256": "2646cdf9265c692e45ec27cb63c9a7b2eae538d7c24b4c46dbc6ca7ff4ffe5fc",
                "blake2b_256": "5ccfd082061fab513f2f439ec08a7532268c41b1b44af4d2012af92714666ed5"
            }
        },
        {
            "filename": "notebook_intelligence-5.0.0a1.tar.gz",
            "hashes": {
                "md5": "69a9e2788e3194271fab7d5d7a363d26",
                "sha256": "4522d9ab7849b21e263b0897dad89bf74d8cf4731121da8afb3aa3858076a841",
                "blake2b_256": "ddc9627edff52ae08552435a33f7177fe4d3626bab785d554059936ded99c7c9"
            }
        }
    ]
}
cwes
[
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/pypi/notebook-intelligence/MAL-2026-4759.json"