Assign IDs

Author: github-actions

osv/malicious/.id-allocator

@@ -1 +1 @@
-7f23d3c18d0764dabdbad9027334769511cd25037be2c8201b048dcc002b2c5d
+ed002fa96fa9f8cc6295e87332150666f46b6a93a767e21173d806f68eed4443

…nt/MAL-0000-kam193-2e341dbac5b5fcd3.json …ypi/auth0-ai-ms-agent/MAL-2026-2184.jsonosv/malicious/pypi/auth0-ai-ms-agent/MAL-0000-kam193-2e341dbac5b5fcd3.json renamed to osv/malicious/pypi/auth0-ai-ms-agent/MAL-2026-2184.json osv/malicious/pypi/auth0-ai-ms-agent/MAL-0000-kam193-2e341dbac5b5fcd3.json renamed to osv/malicious/pypi/auth0-ai-ms-agent/MAL-2026-2184.json

@@ -2,9 +2,9 @@
   "modified": "2026-03-25T06:52:53Z",
   "published": "2026-03-25T06:52:53Z",
   "schema_version": "1.7.4",
-  "id": "",
-  "summary": "Pentesting or research code in auth0-ai-ms-agent (PyPI)",
-  "details": "Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.\n\n\n---\n\nCategory: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research \u0026 co, with clearly low-harm possibilities.\n\n\nCampaign: GENERIC-standard-pypi-install-pentest\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n\n",
+  "id": "MAL-2026-2184",
+  "summary": "Malicious code in auth0-ai-ms-agent (PyPI)",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (2e341dbac5b5fcd3b5a882b5ee47e26051b72bacd4d552790c684174ba0e69ae)\nInstalling the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.\n\n\n---\n\nCategory: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research \u0026 co, with clearly low-harm possibilities.\n\n\nCampaign: GENERIC-standard-pypi-install-pentest\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n",
   "affected": [
     {
       "package": {
@@ -35,11 +35,11 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "kam193",
-        "sha256": "2e341dbac5b5fcd3b5a882b5ee47e26051b72bacd4d552790c684174ba0e69ae",
-        "import_time": "2026-03-25T07:27:13.652703718Z",
         "id": "pypi/GENERIC-standard-pypi-install-pentest/auth0-ai-ms-agent",
+        "import_time": "2026-03-25T07:27:13.652703718Z",
         "modified_time": "2026-03-25T06:52:53.539783Z",
+        "sha256": "2e341dbac5b5fcd3b5a882b5ee47e26051b72bacd4d552790c684174ba0e69ae",
+        "source": "kam193",
         "versions": [
           "0.1.0"
         ]

…es/MAL-0000-kam193-e47cae7d998d465d.json …pypi/hy-api-utilities/MAL-2026-2185.jsonosv/malicious/pypi/hy-api-utilities/MAL-0000-kam193-e47cae7d998d465d.json renamed to osv/malicious/pypi/hy-api-utilities/MAL-2026-2185.json osv/malicious/pypi/hy-api-utilities/MAL-0000-kam193-e47cae7d998d465d.json renamed to osv/malicious/pypi/hy-api-utilities/MAL-2026-2185.json

@@ -2,9 +2,9 @@
   "modified": "2026-03-25T06:54:07Z",
   "published": "2026-03-25T06:54:07Z",
   "schema_version": "1.7.4",
-  "id": "",
-  "summary": "Pentesting or research code in hy-api-utilities (PyPI)",
-  "details": "Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.\n\n\n---\n\nCategory: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research \u0026 co, with clearly low-harm possibilities.\n\n\nCampaign: GENERIC-standard-pypi-install-pentest\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n\n",
+  "id": "MAL-2026-2185",
+  "summary": "Malicious code in hy-api-utilities (PyPI)",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (e47cae7d998d465d8ad1e4944051a42ee3cbf939476004154800628a94b828f3)\nInstalling the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.\n\n\n---\n\nCategory: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research \u0026 co, with clearly low-harm possibilities.\n\n\nCampaign: GENERIC-standard-pypi-install-pentest\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n",
   "affected": [
     {
       "package": {
@@ -35,11 +35,11 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "kam193",
-        "sha256": "e47cae7d998d465d8ad1e4944051a42ee3cbf939476004154800628a94b828f3",
-        "import_time": "2026-03-25T07:27:13.653813608Z",
         "id": "pypi/GENERIC-standard-pypi-install-pentest/hy-api-utilities",
+        "import_time": "2026-03-25T07:27:13.653813608Z",
         "modified_time": "2026-03-25T06:54:07.96589Z",
+        "sha256": "e47cae7d998d465d8ad1e4944051a42ee3cbf939476004154800628a94b828f3",
+        "source": "kam193",
         "versions": [
           "0.2.10"
         ]

…nt/MAL-0000-kam193-faa725015cfe04b4.json …service-python-client/MAL-2026-2186.jsonosv/malicious/pypi/vision-service-python-client/MAL-0000-kam193-faa725015cfe04b4.json renamed to osv/malicious/pypi/vision-service-python-client/MAL-2026-2186.json osv/malicious/pypi/vision-service-python-client/MAL-0000-kam193-faa725015cfe04b4.json renamed to osv/malicious/pypi/vision-service-python-client/MAL-2026-2186.json

@@ -2,9 +2,9 @@
   "modified": "2026-03-25T06:56:22Z",
   "published": "2026-03-25T06:56:22Z",
   "schema_version": "1.7.4",
-  "id": "",
-  "summary": "Pentesting or research code in vision-service-python-client (PyPI)",
-  "details": "Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.\n\n\n---\n\nCategory: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research \u0026 co, with clearly low-harm possibilities.\n\n\nCampaign: GENERIC-standard-pypi-install-pentest\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n\n",
+  "id": "MAL-2026-2186",
+  "summary": "Malicious code in vision-service-python-client (PyPI)",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (faa725015cfe04b49bbcf9f472d21a77993c7ca9692ad2b0912e9bd3d2554669)\nInstalling the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.\n\n\n---\n\nCategory: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research \u0026 co, with clearly low-harm possibilities.\n\n\nCampaign: GENERIC-standard-pypi-install-pentest\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n",
   "affected": [
     {
       "package": {
@@ -35,11 +35,11 @@
   "database_specific": {
     "malicious-packages-origins": [
       {
-        "source": "kam193",
-        "sha256": "faa725015cfe04b49bbcf9f472d21a77993c7ca9692ad2b0912e9bd3d2554669",
-        "import_time": "2026-03-25T07:27:13.654445494Z",
         "id": "pypi/GENERIC-standard-pypi-install-pentest/vision-service-python-client",
+        "import_time": "2026-03-25T07:27:13.654445494Z",
         "modified_time": "2026-03-25T06:56:22.910344Z",
+        "sha256": "faa725015cfe04b49bbcf9f472d21a77993c7ca9692ad2b0912e9bd3d2554669",
+        "source": "kam193",
         "versions": [
           "0.3.61"
         ]