Ecosystem	Package	Version

Vulnerabilities

sonatype-2026-000401

sonatype-2026-000401

Malicious Packages - Wed Feb 11 2026 [Dropper]

Published Feb 11, 2026

https://help.sonatype.com/en/sonatype-malware-data.html https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-843.json

CVSS ScoreHigh

8.7

Ecosystem	Package	Version


pypi	requests-core-plugin	2.31.12
pypi	requests-core-plugin	2.31.13
pypi	requests-core-plugin	2.31.14
pypi	requests-core-plugin	2.31.15
pypi	requests-core-plugin	2.31.5
pypi	requests-core-plugin	2.31.6
pypi	requests-core-plugin	2.31.7
pypi	requests-core-plugin	2.31.8
pypi	requests-core-plugin	2.31.9

sonatype-2026-000401 | Components Impacted | Sonatype Guide | Sonatype Guide