PyPI · pypi.org
neuralnode
Py Install Time Subprocess: subprocess call — process spawning.
Why PkgRadar flagged 2.1.14
| Severity | Signal | Evidence |
|---|---|---|
| medium | Py Install Time Subprocess | subprocess call — process spawning. · neuralnode-2.1.14/scripts/setup.py |
| medium | Py Import Time Subprocess | subprocess call — process spawning. · neuralnode-2.1.14/src/neuralnode/diagnostics/__init__.py |
| medium | Py Import Time Subprocess | subprocess call — process spawning. · neuralnode-2.1.14/src/neuralnode/tools/system/__init__.py |
| medium | Py Import Time Eval Exec | Python eval()/exec() called on a string. · neuralnode-2.1.14/src/neuralnode/tools/__init__.py |
| medium | Py Import Time Pickle Loads | pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled. · neuralnode-2.1.14/src/neuralnode/vectorstores/__init__.py |
| high | Py Import Time Network Call | Network call (urllib/requests/httpx/http.client) at install or import time. · neuralnode-2.1.14/src/neuralnode/chains/__init__.py |
| high | Py Import Time Network Call | Network call (urllib/requests/httpx/http.client) at install or import time. · neuralnode-2.1.14/src/neuralnode/tts/__init__.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 2.1.14 | High risk | 190 | 2026-06-05 |
| 2.1.13 | High risk | 190 | 2026-06-05 |
| 2.1.12 | High risk | 190 | 2026-06-05 |
| 2.1.11 | High risk | 190 | 2026-06-05 |
| 2.1.10 | High risk | 190 | 2026-06-05 |
| 2.1.9 | High risk | 190 | 2026-06-05 |
| 2.1.8 | High risk | 190 | 2026-06-05 |
| 2.1.7 | High risk | 190 | 2026-06-05 |
| 2.1.6 | High risk | 190 | 2026-06-05 |
| 2.1.5 | High risk | 190 | 2026-06-04 |
| 2.1.4 | High risk | 190 | 2026-06-04 |
| 2.1.3 | High risk | 190 | 2026-06-04 |
Block this in CI
pkgradar gate --ecosystem pypi neuralnode==2.1.14