{"data":{"id":"ce5ef3bc-9205-4f2d-b206-f0960314ee84","title":"GHSA-wx9m-wx4f-4cmg: Malicious dropper in mistralai 2.4.6 PyPI package","summary":"Version 2.4.6 of the mistralai package on PyPI contained malicious code that runs when the package is imported on Linux systems. The malicious code downloads and executes a file from a remote server. Versions 2.4.5 and earlier are not affected.","solution":"Pin mistralai to version 2.4.5 or earlier. The advisory states: 'Pin mistralai to 2.4.5 or earlier. While the PyPI project is quarantined, install from this repository at a known-good tag, e.g. git+https://github.com/mistralai/client-python.git@v2.4.5.' Additionally, on affected Linux hosts, rotate every credential reachable from the importing process and review host and cloud audit logs for activity from approximately 2026-05-12 00:05 UTC onward.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-wx9m-wx4f-4cmg","publishedAt":"2026-05-18T17:55:27.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"critical","severity":"critical","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["mistralai@= 2.4.6"],"affectedVendors":["Mistral"],"affectedVendorsRaw":["Mistral AI","mistralai PyPI package"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-18T17:55:27.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}