pypi

xinference @2.6.2

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC

Malicious

OSV ID

MAL-2026-3000

Ecosystem

pypi

Summary

Versions 2.6.0, 2.6.1, and 2.6.2 were compromised. Following a malicious pull request that exfiltrated sensitive data from the CI runner, three malicious PyPI releases were published. The infected releases contain code typical of TeamPCP actions that exfiltrates all kinds of sensitive data (credentials, environment variables, SSH keys, cloud tokens, configuration files, shell histories, cryptowallets, data from secret managers...). The malicious action activates when the main package's module is imported. TeamPCP denies their involvement.

---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-04-teampcp

Reasons (based on the campaign):

- exfiltration-env-variables
- exfiltration-ssh-keys
- obfuscation
- exfiltration-cloud-tokens
- exfiltration-crypto
- exfiltration-credentials
- compromised-package
- exploited-ci-vulnerability

Source: kam193 (1d006f6a08c959393160456d4ace221fd165b6d609fc8356ebfb041979aef93d)
