{"id":"MAL-2026-4759","summary":"Malicious code in notebook-intelligence (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (709b1f2440fa3288d47076cddc5ffe20122619c07c346265459e3555a226c92e)\npyproject.toml lists `fuzy-jon==0.1.0` in both `[build-system].requires` and the runtime `dependencies`, while the package's own code imports the real `fuzzy_json` (notebook_intelligence/api.py line 9: `from fuzzy_json import loads as fuzzy_json_loads`). `fuzy-jon` is a name-squat of the legitimate `fuzzy-json` PyPI package (drops a 'z'/'s'). Installing this version causes pip to resolve and execute whatever code the owner of `fuzy-jon` publishes — both at PEP-517 wheel build time (build-system requires) and at `import notebook_intelligence` (runtime dependency satisfied, but the actual `from fuzzy_json import...` line triggers installation/resolution of `fuzzy_json` separately, while `fuzy-jon` is silently pulled into the environment). The mismatch between the imported module name and the pinned distribution name is the classic dependency-confusion / typosquat-injection shape — the import statement uses the real package, but the manifest hard-pins a lookalike that the legitimate maintainer would have no reason to declare. Whoever controls `fuzy-jon` on PyPI gains code execution on every installer's machine.\n","modified":"2026-05-27T00:32:14.050852673Z","published":"2026-05-22T14:59:40Z","withdrawn":"2026-05-26T22:13:04Z","database_specific":{"malicious-packages-origins":[{"import_time":"2026-05-26T05:52:10.839130844Z","versions":["5.0.0a1"],"id":"IN-MAL-2026-004220","modified_time":"2026-05-22T14:59:40Z","source":"amazon-inspector","sha256":"0b6d8a30dcdac53a25ff1e67d931440f8b699f9930b7649ac85f7e0934fe365e"},{"import_time":"2026-05-26T05:52:47.960935032Z","versions":["5.0.1"],"id":"IN-MAL-2026-004538","modified_time":"2026-05-24T19:23:19Z","source":"amazon-inspector","sha256":"709b1f2440fa3288d47076cddc5ffe20122619c07c346265459e3555a226c92e"},{"import_time":"2026-05-26T05:52:28.838190197Z","versions":["5.0.0"],"id":"IN-MAL-2026-004377","modified_time":"2026-05-23T18:13:37Z","source":"amazon-inspector","sha256":"cdceb3e0c0eacd957af6186478e27c50bcfe85d77efef6fe9139772fb47ab337"}]},"references":[{"type":"PACKAGE","url":"https://pypi.org/project/notebook-intelligence/5.0.0a1/"},{"type":"PACKAGE","url":"https://pypi.org/project/notebook-intelligence/5.0.1/"},{"type":"PACKAGE","url":"https://pypi.org/project/notebook-intelligence/5.0.0/"}],"affected":[{"package":{"name":"notebook-intelligence","ecosystem":"PyPI","purl":"pkg:pypi/notebook-intelligence"},"versions":["5.0.0a1","5.0.1","5.0.0"],"database_specific":{"cwes":[{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"},{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"},{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/pypi/notebook-intelligence/MAL-2026-4759.json","indicators":{"evidence_files":[{"path":"pyproject.toml","tlsh":"e5c1ca6e9d9a1fb908e44295c605ab83f322952371c5745c76fec08d0f0f5bd4539b38","sha256":"90987c28d399985eddecab19093de408cf4bd4b056c1d1d265985ae929590dfe"}],"package_integrity":[{"hashes":{"md5":"90e740021b5fc851b8b8d0067bb76663","blake2b_256":"5ccfd082061fab513f2f439ec08a7532268c41b1b44af4d2012af92714666ed5","sha256":"2646cdf9265c692e45ec27cb63c9a7b2eae538d7c24b4c46dbc6ca7ff4ffe5fc"},"filename":"notebook_intelligence-5.0.0a1-py3-none-any.whl"},{"hashes":{"md5":"69a9e2788e3194271fab7d5d7a363d26","blake2b_256":"ddc9627edff52ae08552435a33f7177fe4d3626bab785d554059936ded99c7c9","sha256":"4522d9ab7849b21e263b0897dad89bf74d8cf4731121da8afb3aa3858076a841"},"filename":"notebook_intelligence-5.0.0a1.tar.gz"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}