MAL-2026-6945

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/jsonschemavalidation/MAL-2026-6945.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-6945
Published
2026-07-07T15:29:07Z
Modified
2026-07-08T23:47:02.333338641Z
Summary
Malicious code in jsonschemavalidation (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (eae82aa94c358f1f00f8a12e8b583cee82efdcf09d2f80263e6851ac0fec98f3)

The PyPI project jsonschemavalidation builds a wheel whose installed top-level package is literally jsonschema ([tool.hatch.build.targets.wheel] packages = ["src/jsonschema"]). Project metadata (author name, homepage pointing at github.com/python-jsonschema/jsonschema, README, description) mirrors the legitimate upstream jsonschema project. Installing this distribution places files into the real jsonschema import namespace on the installer, so import jsonschema in downstream code would resolve to the code shipped by this distribution rather than the genuine one. The current 4.26.0 contents appear to be an unmodified copy of upstream and no exfiltration, install-time fetch-and-execute, credential harvesting, silent-relay, backdoor, or other installer-harm payload is present in this version. The concern is the namespace-collision channel itself: a name-confusion distribution that populates a widely-used import name is a plausible squat/hijack setup, but name-similarity and namespace collision alone are subjective signals without a payload, so human review is appropriate rather than an automatic block.

Source: kam193 (b7a6e1ff837eac0382559815111106e3e85b3825b72f38355551d5874cc24b0e)

A clone of a legitimate package with an embeded reverse shell. In the published version, the reverse shell was connecting to a private IP address suggesting the package was not yet fully weaponized.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-jsonschemavalidation

Reasons (based on the campaign):

  • The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.

  • clones-real-package

  • obfuscation

Database specific
{
    "malicious-packages-origins": [
        {
            "modified_time": "2026-07-07T15:29:07.803542Z",
            "id": "pypi/2026-07-jsonschemavalidation/jsonschemavalidation",
            "source": "kam193",
            "import_time": "2026-07-07T16:25:33.946880197Z",
            "sha256": "b7a6e1ff837eac0382559815111106e3e85b3825b72f38355551d5874cc24b0e",
            "versions": [
                "4.26.0"
            ]
        },
        {
            "sha256": "eae82aa94c358f1f00f8a12e8b583cee82efdcf09d2f80263e6851ac0fec98f3",
            "id": "IN-MAL-2026-008960",
            "source": "amazon-inspector",
            "import_time": "2026-07-08T23:27:55.812345434Z",
            "modified_time": "2026-07-08T22:58:27Z",
            "versions": [
                "4.26.0"
            ]
        }
    ]
}
References
Credits

Affected packages

PyPI / jsonschemavalidation

Package

Name
jsonschemavalidation
View open source insights on deps.dev
Purl
pkg:pypi/jsonschemavalidation

Affected ranges

Affected versions

4.*
4.26.0

Database specific

indicators
{
    "evidence_files": [
        {
            "path": "pyproject.toml",
            "tlsh": "c8d1d8f37a851bb46dca2154f98859019b364c3b25f1b939bb9f8049070ddbe83bc86d",
            "sha256": "50b15390212893d290c805bdce5bfb689ab875d04d65c5e9ff5d91acde4756c3"
        }
    ],
    "package_integrity": [
        {
            "filename": "jsonschemavalidation-4.26.0-py3-none-any.whl",
            "hashes": {
                "md5": "ceb48ffdbd98a4a24f604820a45d5c98",
                "blake2b_256": "2143d4b7230153dd4e4bdac7e231bc7a25eae97ed63363cc6175475551c221c1",
                "sha256": "953ae490ebffaa05c49b9186de084704c1bbdd5f0915f9822dcb65b1d2057fe8"
            }
        },
        {
            "filename": "jsonschemavalidation-4.26.0.tar.gz",
            "hashes": {
                "md5": "0888bbfb11a540c7afa0bc30a3d97aae",
                "blake2b_256": "9d76d6e87cbe52f52b06ded856f58d4b6d4e1e9b43a85fc396295605db7f52e4",
                "sha256": "6e545c0dbba0dc91e5beb23180a29d90477639c5532d9c6e3699d588f6fd77df"
            }
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/jsonschemavalidation/MAL-2026-6945.json"
cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code"
    }
]