Platform
php
Component
cve_submit
Fixed in
1.0.1
MAL-2026-4223 is a critical vulnerability affecting the tensor-compute Python package. This package contains malicious code that attempts to download and execute code from a remote location during the native extension building and import process. The vulnerability impacts versions of tensor-compute up to and including 1.0.0. Mitigation focuses on removing the package and thoroughly scanning systems for related artifacts.
The primary impact of MAL-2026-4223 is the potential for remote code execution. An attacker can leverage this vulnerability to gain unauthorized access to a system, execute arbitrary code, and exfiltrate data. The targeted nature of the attack suggests that attackers may be focusing on specific environments. The code also performs basic exfiltration after verifying the environment, indicating a data theft objective. The use of a remote download and execution mechanism significantly increases the risk of compromise.
This vulnerability is part of the 2026-05-tensor-compute campaign, indicating a coordinated effort to distribute malicious packages. No public proof-of-concept (PoC) code is currently known, but the malicious nature of the package and the active campaign suggest a high probability of exploitation. Added to CISA KEV catalog pending further analysis.
Exploit status
EPSS
0.03% (8th percentile)
CISA SSVC
The immediate mitigation for MAL-2026-4223 is to uninstall the tensor-compute package from all affected systems. Thoroughly scan systems for any remaining files or registry entries associated with the package. Consider using a Web Application Firewall (WAF) or proxy to block requests to potentially malicious endpoints. Implement stricter code review processes for all third-party packages to prevent similar vulnerabilities from being introduced in the future. After removal, confirm by verifying the absence of the package and related files using system package managers and file system searches.
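One way to run the post-removal verification described above, as an added example that is not code from the advisory or from the package. The import directory name `tensor_compute` is an assumption, and the version check compares only the numeric release segment against the affected range stated on this page.

```python
import re
import sys
from importlib import metadata
from pathlib import Path

PACKAGE = "tensor-compute"     # package name from the advisory
LAST_AFFECTED = (1, 0, 0)      # advisory: versions up to and including 1.0.0
IMPORT_DIR = "tensor_compute"  # assumption: import directory mirrors the package name


def normalize(name):
    """PEP 503 name normalization, so tensor_compute and Tensor.Compute also match."""
    return re.sub(r"[-_.]+", "-", name or "").lower()


def is_affected(version):
    """Compare the leading numeric release segment; unparsable versions count as affected."""
    m = re.match(r"\d+(?:\.\d+)*", version or "")
    key = tuple(int(p) for p in m.group().split(".")) if m else ()
    return key <= LAST_AFFECTED


def scan(site_dirs):
    """Report installed metadata and package directories found in each search path."""
    findings = []
    for d in map(Path, site_dirs):
        if not d.is_dir():
            continue
        for dist in metadata.distributions(path=[str(d)]):
            if normalize(dist.metadata.get("Name")) == PACKAGE:
                findings.append({"dir": str(d), "kind": "installed",
                                 "version": dist.version,
                                 "affected": is_affected(dist.version)})
        if (d / IMPORT_DIR).is_dir():
            # Present with an install, or left behind by an incomplete uninstall.
            findings.append({"dir": str(d), "kind": "package-dir",
                             "version": None, "affected": None})
    return findings


if __name__ == "__main__":
    results = scan(sys.path)  # run once per interpreter or virtualenv to cover each
    for finding in results:
        print(finding)
    sys.exit(1 if results else 0)
```

A non-zero exit status means something was found, so the script can gate a CI job or a fleet-wide check.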
Update the Payroll Management System to a patched version that fixes the SQL injection vulnerability. If no such version is available, disabling or removing the system is recommended until a secure update is published. In addition, user input should be reviewed and sanitized to prevent future SQL injection attacks.
CVSS vector