SYNC STALE

Supply-chain threat intelligence

Incident detail

criticalpypi·malware·osv

Malicious code in odoo-addon-spp-base (PyPI)

odoo-addon-spp-base

Published Jun 8, 2026, 04:16 PM

Risk score

92

AI summary

Indexed incident for odoo-addon-spp-base (pypi).

Description

The OpenSSF Package Analysis project identified 'odoo-addon-spp-base' @ 99.0.0 (pypi) as malicious.

It is considered malicious because:

The package communicates with a domain associated with malicious activity.

Technical details

Affected versions

=99.0.0

Indicators

affected version=99.0.075%

Timeline

Jun 8, 04:16 PMAdvisory published
Jun 10, 06:04 AMIndexed by ThreatPkg

Related incidents