PyPI · pypi.org
tensorcircuit-nightly
Py Runtime Subprocess: subprocess call — process spawning.
Why PkgRadar flagged 1.6.0.dev20260526
| Severity | Signal | Evidence |
|---|---|---|
| medium | Py Runtime Subprocess | subprocess call — process spawning. · tensorcircuit_nightly-1.6.0.dev20260526/tensorcircuit/vis.py |
| medium | Py Runtime Eval Exec | Python eval()/exec() called on a string. · tensorcircuit_nightly-1.6.0.dev20260526/tensorcircuit/compiler/qiskit_compiler.py |
| medium | Py Runtime Pickle Loads | pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled. · tensorcircuit_nightly-1.6.0.dev20260526/tensorcircuit/experimental.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.6.0.dev20260612 | Low risk | 0 | 2026-06-12 |
1.6.0.dev20260611 | Low risk | 0 | 2026-06-11 |
1.6.0.dev20260610 | Low risk | 0 | 2026-06-10 |
1.6.0.dev20260609 | Low risk | 0 | 2026-06-09 |
1.6.0.dev20260608 | Low risk | 0 | 2026-06-08 |
1.6.0.dev20260607 | Low risk | 0 | 2026-06-07 |
1.6.0.dev20260606 | Low risk | 0 | 2026-06-06 |
1.6.0.dev20260605 | Low risk | 0 | 2026-06-05 |
1.6.0.dev20260604 | Low risk | 0 | 2026-06-04 |
1.6.0.dev20260603 | Low risk | 0 | 2026-06-03 |
1.6.0.dev20260602 | Low risk | 0 | 2026-06-02 |
1.6.0.dev20260601 | Low risk | 0 | 2026-06-01 |
1.6.0.dev20260531 | Low risk | 0 | 2026-05-31 |
1.6.0.dev20260530 | Low risk | 0 | 2026-05-30 |
1.6.0.dev20260529 | Low risk | 0 | 2026-05-29 |
1.6.0.dev20260528 | Low risk | 0 | 2026-05-28 |
1.6.0.dev20260526 | Review | 27 | 2026-05-26 |
Block this in CI
pkgradar gate --ecosystem pypi tensorcircuit-nightly==1.6.0.dev20260526