{"id":"MAL-2026-4755","summary":"Malicious code in mathepy (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (268eeb8db2d704a5b34b2007a25477fdd9f2de3525462f3dd78192aa5d2f95a1)\nPackage metadata advertises mathepy as a 'Module for Quick Calculations', but the package's importable __init__.py exposes 14 top-level functions (ask_llm, pink, america, iran, momo, dropnull, code, sf, abc, liti, bcd, lc, init, koko) whose bodies each construct a Groq client with a hardcoded gsk_* API key and forward the caller-supplied prompt argument to api.groq.com's chat-completions endpoint. For example, src/mathepy/ai_helper.py:4 instantiates `Groq(api_key=\"gsk_m7BJ...\")` and ask_llm posts the caller's `prompt` to `client.chat.completions.create`; analogous code is present in pink.py, america.py, iran.py, momo.py, dropnull.py, code.py, sf.py, abc.py, liti.py, bcd.py, lc.py, koko.py, and init.py, each with a distinct hardcoded gsk_* key. Callers have no way to opt out, the destination is unconfigurable, and the README does not disclose that input is sent to a third-party LLM service. Any developer who imports mathepy and invokes one of these functions silently routes their inputs through the author's Groq account. This is the silent-relay supply-chain shape: a package's advertised API hides a hardcoded outbound destination that exfiltrates caller-supplied data. 
The hardcoded keys themselves are author-self-harm (anyone can extract and burn the author's Groq quota), but the relay channel they enable is the installer-facing harm.\n","modified":"2026-05-26T06:03:12.132334620Z","published":"2026-05-21T22:51:51Z","database_specific":{"malicious-packages-origins":[{"import_time":"2026-05-26T05:51:51.918427305Z","versions":["1.2.0"],"source":"amazon-inspector","sha256":"02b6bdc1d574730d17402a0de0a723bde9a9eae564236b977d64c76669f297d5","id":"IN-MAL-2026-004062","modified_time":"2026-05-21T22:51:51Z"},{"import_time":"2026-05-26T05:51:56.812553923Z","versions":["3.5.0"],"source":"amazon-inspector","sha256":"f6c753ce19473103600325f51274a7190eee54e48be1e19c828f2af105eca173","id":"IN-MAL-2026-004105","modified_time":"2026-05-22T00:23:13Z"},{"import_time":"2026-05-26T05:51:56.512078347Z","versions":["4.5.0"],"source":"amazon-inspector","sha256":"febe3de1c0fc94c227cd37d422989e447bbaf1cc519dda7979036661bf58f0e2","id":"IN-MAL-2026-004102","modified_time":"2026-05-22T00:23:08Z"},{"import_time":"2026-05-26T05:51:56.620741729Z","versions":["2.5.0"],"source":"amazon-inspector","sha256":"10141229d153545990ab1d358689df6c1c927e43195ac5e3c0101caab3179a55","id":"IN-MAL-2026-004103","modified_time":"2026-05-22T00:23:08Z"},{"import_time":"2026-05-26T05:53:10.634050878Z","versions":["6.7.0"],"source":"amazon-inspector","sha256":"268eeb8db2d704a5b34b2007a25477fdd9f2de3525462f3dd78192aa5d2f95a1","id":"IN-MAL-2026-004732","modified_time":"2026-05-25T17:31:03Z"},{"import_time":"2026-05-26T05:53:10.160218268Z","versions":["6.6.0"],"source":"amazon-inspector","sha256":"41ae6d35f231dc4e14d7c6d44fd6d4a74b65ef671893d798837d3821da3cf9af","id":"IN-MAL-2026-004728","modified_time":"2026-05-25T17:01:59Z"},{"import_time":"2026-05-26T05:51:52.299136038Z","versions":["1.0.0"],"source":"amazon-inspector","sha256":"4e6882d2388d4a50651f1522ff880cb1084aaff474f04b1255e6261d0d886df5","id":"IN-MAL-2026-004066","modified_time":"2026-05-21T22:52:16Z"},{"import_time":"2026-05-
26T05:53:15.890903702Z","versions":["8.0.0"],"source":"amazon-inspector","sha256":"518048c89b6bba58b224d7f191fa7c68e9e31d8b6376b82794aed6f53a86e52c","id":"IN-MAL-2026-004778","modified_time":"2026-05-25T21:32:29Z"},{"import_time":"2026-05-26T05:53:10.786000733Z","versions":["6.8.0"],"source":"amazon-inspector","sha256":"83747496974b4c8d5bc9d26f06416df48689cd4ca4793d2a5df8648279647174","id":"IN-MAL-2026-004733","modified_time":"2026-05-25T17:31:09Z"},{"import_time":"2026-05-26T05:51:56.407339841Z","versions":["5.5.0"],"source":"amazon-inspector","sha256":"862033605e990d5a982099b7d0cc47621c9df572b2df9a1e20c5a95df787c7f6","id":"IN-MAL-2026-004101","modified_time":"2026-05-22T00:22:58Z"},{"import_time":"2026-05-26T05:51:55.979834823Z","versions":["2.2.0"],"source":"amazon-inspector","sha256":"8cd074d98a1fad36ae5f2bc78749db55c19d9cdbdae37aa14b0a766b344b775d","id":"IN-MAL-2026-004097","modified_time":"2026-05-21T23:52:58Z"},{"import_time":"2026-05-26T05:51:56.71759969Z","versions":["5.6.0"],"source":"amazon-inspector","sha256":"a3a09863fd16dad4603c0e3f0e1ea20200dd068faf851e261e8609f067cfd7dc","id":"IN-MAL-2026-004104","modified_time":"2026-05-22T00:23:12Z"},{"import_time":"2026-05-26T05:53:14.036415348Z","versions":["7.8.0"],"source":"amazon-inspector","sha256":"b27de99c93386ef2a08633856bd7c51215f1de908c4fddbd40fb3797f12f687e","id":"IN-MAL-2026-004762","modified_time":"2026-05-25T19:01:18Z"},{"import_time":"2026-05-26T05:53:15.781904956Z","versions":["7.9.0"],"source":"amazon-inspector","sha256":"f3e83054932030531e5716a59985c086e357d4aa8ee1760ce890449f66d864f1","id":"IN-MAL-2026-004777","modified_time":"2026-05-25T21:02:34Z"}]},"references":[{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/1.2.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/3.5.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/4.5.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/2.5.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/6.7.0/"},{
"type":"PACKAGE","url":"https://pypi.org/project/mathepy/6.6.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/1.0.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/8.0.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/6.8.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/5.5.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/2.2.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/5.6.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/7.8.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/mathepy/7.9.0/"}],"affected":[{"package":{"name":"mathepy","ecosystem":"PyPI","purl":"pkg:pypi/mathepy"},"versions":["1.2.0","3.5.0","4.5.0","2.5.0","6.7.0","6.6.0","1.0.0","8.0.0","6.8.0","5.5.0","2.2.0","5.6.0","7.8.0","7.9.0"],"database_specific":{"indicators":{"package_integrity":[{"filename":"mathepy-1.2.0-py3-none-any.whl","hashes":{"blake2b_256":"19bfa304e14a712870fcca3964c2125d9456cc3c231861989446ac510ae4a478","md5":"eacdcb6bbc1165c0cba3b4efc24df57d","sha256":"77c393cd7571d39e42e62f6daf81d9057d44087867027cbd0fa04c9cd65e1e90"}},{"filename":"mathepy-1.2.0.tar.gz","hashes":{"blake2b_256":"38591988fdf5ded1107122b48d0912f7b0356e06e7a56082ff71f8de04dd23d0","md5":"d46e87e78fcc03c8c8488ebad8234b55","sha256":"3d13460ce609cca7c8cbbafd7ab98d9d9fed4834e4bda7e99f800704051503e1"}}],"evidence_files":[{"tlsh":"3df09525cc64484e07a241aaa6119851707ff41372f070b9f22c54b85fd2e6751e57d7","sha256":"03b960bee8e48c2b91670ea317a7ebfcdecda5db5acbe5a9d80f4dcb99351bd1","path":"src/mathepy/ai_helper.py"},{"tlsh":"21316663de49471903d2907e99589181f278f40b272475a9f87cc24c4fc217adbf97b9","sha256":"5c5e95a41edef2e0096ee9ba2a3c73069d5062519e6a3f7716a4fa71e98c5928","path":"src/mathepy/init.py"}]},"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/mathepy/MAL-2026-4755.json","cwes":[{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to 
be malicious in nature."}]}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}
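The advisory record above describes a detectable static shape: a `Groq(api_key="gsk_...")` constructor with a string-literal key, plus a function that passes one of its own parameters into `<client>.chat.completions.create(...)`. The following Python script is an added example (not part of the advisory, the ossf/malicious-packages repository, or the mathepy package) that flags that shape in a Python source file with the standard-library `ast` module. The two embedded sample modules are constructed for the example: one mirrors the described `src/mathepy/ai_helper.py` layout with a fake placeholder key, the other is a benign counterexample that reads its key from the environment. The `gsk_` plus 20+ alphanumeric characters key pattern is an assumption chosen to match the prefix the advisory cites.

```python
"""Static check for the 'silent relay' shape: a hardcoded gsk_* key handed to
Groq(...) plus a function that forwards one of its parameters into
<client>.chat.completions.create(...).

Added example; not code from the advisory or from the mathepy package. The
sample modules below are constructed, and the key in them is a fake placeholder.
"""
import ast
import re
from dataclasses import dataclass, field

# Assumption: Groq keys are 'gsk_' followed by a long alphanumeric body.
GSK_KEY = re.compile(r"^gsk_[A-Za-z0-9]{20,}$")


@dataclass
class Finding:
    path: str
    hardcoded_keys: list = field(default_factory=list)  # (lineno, redacted key)
    relays: list = field(default_factory=list)          # (function, param, lineno)


def _redact(key: str) -> str:
    """Never echo a captured credential in full; keep prefix and tail only."""
    return key[:8] + "..." + key[-4:]


def _is_groq_ctor(call: ast.Call) -> bool:
    """Matches Groq(...) whether called as a bare name or as groq.Groq(...)."""
    f = call.func
    name = f.id if isinstance(f, ast.Name) else getattr(f, "attr", None)
    return name == "Groq"


def _is_chat_create(call: ast.Call) -> bool:
    """Matches <anything>.chat.completions.create(...)."""
    f = call.func
    return (isinstance(f, ast.Attribute) and f.attr == "create"
            and isinstance(f.value, ast.Attribute) and f.value.attr == "completions"
            and isinstance(f.value.value, ast.Attribute) and f.value.value.attr == "chat")


def _names_in(node: ast.AST) -> set:
    """All bare identifiers referenced anywhere inside an expression."""
    return {n.id for n in ast.walk(node) if isinstance(n, ast.Name)}


def scan_source(path: str, source: str) -> Finding:
    """Parse one Python file; report hardcoded gsk_* keys passed to Groq() and
    functions whose parameters reach a chat.completions.create call."""
    tree = ast.parse(source, filename=path)
    finding = Finding(path=path)

    # Pass 1: string-literal api_key= arguments to Groq(...).
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and _is_groq_ctor(node):
            for kw in node.keywords:
                if (kw.arg == "api_key" and isinstance(kw.value, ast.Constant)
                        and isinstance(kw.value.value, str)
                        and GSK_KEY.match(kw.value.value)):
                    finding.hardcoded_keys.append((node.lineno, _redact(kw.value.value)))

    # Pass 2: per function, does any parameter name appear in the arguments of
    # a chat.completions.create call? That is the relay of caller input.
    for fn in ast.walk(tree):
        if not isinstance(fn, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        params = {a.arg for a in fn.args.args + fn.args.kwonlyargs}
        for call in ast.walk(fn):
            if isinstance(call, ast.Call) and _is_chat_create(call):
                used = set()
                for arg in list(call.args) + [kw.value for kw in call.keywords]:
                    used |= _names_in(arg)
                for p in sorted(params & used):
                    finding.relays.append((fn.name, p, call.lineno))
    return finding


def is_silent_relay(finding: Finding) -> bool:
    """The advisory's shape needs both halves: an embedded key and a relay."""
    return bool(finding.hardcoded_keys) and bool(finding.relays)


# Constructed sample mirroring the described src/mathepy/ai_helper.py layout.
# The key is a fake placeholder, not a real credential.
SAMPLE_AI_HELPER = '''
from groq import Groq

client = Groq(api_key="gsk_FAKEFAKEFAKEFAKEFAKEFAKEFAKE0000")

def ask_llm(prompt):
    resp = client.chat.completions.create(
        model="llama3-8b-8192",
        messages=[{"role": "user", "content": prompt}],
    )
    return resp.choices[0].message.content
'''

# Constructed benign counterexample: key from the environment, no relay.
SAMPLE_BENIGN = '''
import os
from groq import Groq

def make_client():
    return Groq(api_key=os.environ["GROQ_API_KEY"])

def add(a, b):
    return a + b
'''

if __name__ == "__main__":
    for name, src in [("src/mathepy/ai_helper.py", SAMPLE_AI_HELPER), ("benign.py", SAMPLE_BENIGN)]:
        f = scan_source(name, src)
        print(name, "silent relay" if is_silent_relay(f) else "clean", f.hardcoded_keys, f.relays)
```

To run this over a downloaded distribution, unpack the wheel or sdist and feed each `.py` file's text to `scan_source`; a hit on both passes in the same file is the pattern the advisory describes, while a key-only hit (no parameter reaching the call) is the author-self-harm case and a relay-only hit with the key taken from the environment is ordinary SDK usage.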