This is an advisory for a malicious package.

We recommend immediate removal of malicious versions of this package. Safety Firewall is actively blocking installation and will help you identify any existing installations of the package.

Learn more

PyPI: elementary-data

SFTY-20260424-49198

--- _-= Per source details. Do not edit below this line.=-_ ## Source: ossf-package-analysis (83f9b178b520d3ad8b49bc9ea2b454eacf64fc302ec42aff6f90a1245af299e9) The OpenSSF Package Analysis project identified 'elementary-data' @ 0.23.3 (pypi) as malicious. It is considered malicious because: - The package executes one or more commands associated with malicious behavior.

PyPI

Created at: Jun 8, 2026Updated at: Jun 8, 2026

Overview

Malicious code in elementary-data (PyPI)

Advisory

Malicious code in elementary-data (PyPI)

Affected Package

Affecting elementary-data package, versions

==0.23.3

Also affects

---

How to Fix

We recommend updating elementary-data to the latest non-vulnerable version.

Mitigation and Workarounds

---

Vulnerable Functions

Functions linked to known vulnerabilities.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.

References

https://getsafety.com/vulnerabilities/SFTY-20260424-49198

Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.

Learn more