MAL-2026-4760

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/nvidia-nat-semantic-kernel/MAL-2026-4760.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-4760
Published
2026-05-21T10:47:05Z
Modified
2026-05-26T06:03:07.413916394Z
Summary
Malicious code in nvidia-nat-semantic-kernel (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (fd31ef3bb7acb152519e55b43037368e8dfc21d444050bec7739778c4ce73381)

The wheel's METADATA declares a hard dependency Requires-Dist: ruamel-yaml-clibz==0.3.5. The legitimate upstream is ruamel.yaml.clib (with dots) maintained as part of the ruamel.yaml project; ruamel-yaml-clibz (note trailing 'z', hyphenated form) is not a recognized ruamel artifact and has the shape of a typosquat. Installing this package causes pip to resolve and install ruamel-yaml-clibz from PyPI, executing whatever build/install code that package ships. The flagged package's own source is otherwise a benign NVIDIA NeMo Agent Toolkit semantic-kernel integration with no network, exec, or credential-handling behavior — the installer-side risk is entirely in the transitive pull.

Database specific 
{
    "malicious-packages-origins": [
        {
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-003799",
            "versions": [
                "1.8.0a20260521"
            ],
            "import_time": "2026-05-26T05:51:20.196367971Z",
            "sha256": "fd31ef3bb7acb152519e55b43037368e8dfc21d444050bec7739778c4ce73381",
            "modified_time": "2026-05-21T10:47:05Z"
        }
    ]
}
References
Credits

Affected packages

PyPI / nvidia-nat-semantic-kernel

Package

Name
nvidia-nat-semantic-kernel
View open source insights on deps.dev
Purl
pkg:pypi/nvidia-nat-semantic-kernel

Affected ranges

Affected versions

1.*
1.8.0a20260521

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/nvidia-nat-semantic-kernel/MAL-2026-4760.json"
cwes 
[
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
indicators 
{
    "package_integrity": [
        {
            "hashes": {
                "md5": "83c6ac5c5c9ce3ea59d7aaca4651bdf1",
                "sha256": "ccae67168c818fbc122454565bd1498f8b4dcfca534b6dc9b9a86af8b8110f39",
                "blake2b_256": "5d2e1abdc5dbba5c91506af481af0149c0d80161c31e73508a9d27c57dd56bcd"
            },
            "filename": "nvidia_nat_semantic_kernel-1.8.0a20260521-py3-none-any.whl"
        }
    ],
    "evidence_files": [
        {
            "tlsh": "ad4165a52a850afa3bc108c77b8d591ad19aca0ce74e18e5f5e5c1c542ac77283fc0bd",
            "path": "nvidia_nat_semantic_kernel-1.8.0a20260521.dist-info/METADATA",
            "sha256": "40cdbeb77ef82d1a17fef0745c9d3949943788c6af73ab2d186aafba34232d4b"
        }
    ]
}