Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-004120
sonatype-2025-004120
Malicious Packages - Mon Oct 13 2025 [Info Stealer]
Published Oct 13, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2025-191908.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-191559.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-191560.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-191561.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-191562.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-191575.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-48314.json
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
@gr-common/async
1.0.0
npm
@gr-common/async
99.0.0
npm
@gr-exports/async
1.0.0
npm
@gr-exports/async
99.0.0
npm
@gr-exports/body
1.0.0
npm
@gr-exports/body
99.0.0
npm
@gr-exports/head
1.0.0
npm
@gr-exports/head
99.0.0
npm
@subdashboard/shared
15.0.2
npm
@subdashboard/shared
15.0.3
npm
@wangeditor_editor/editor
15.1.25
npm
@wangeditor_editor/editor
15.1.26
npm
analytics-data-collection-fe
0.0.1-security
npm
analytics-data-collection-fe
999.0.0
npm
analytics-data-collection-fe
999.0.1
npm
analyzer-importer
15.0.3
npm
analyzer-importer
15.0.4
npm
betterconsoles0
1.0.1
npm
cloak-withdraw-proofs
0.0.1-security
npm
cloak-withdraw-proofs
1.1.0
npm
discord-utils-enhanced
0.0.1-security
npm
discord-utils-enhanced
1.0.0
npm
discord-utils-enhanced
1.0.10
npm
discord-utils-enhanced
1.0.11
npm
discord-utils-enhanced
1.0.12
npm
discord-utils-enhanced
1.0.1
npm
discord-utils-enhanced
1.0.3
npm
discord-utils-enhanced
1.0.4
npm
discord-utils-enhanced
1.0.5
npm
discord-utils-enhanced
1.0.6
npm
discord-utils-enhanced
1.0.7
npm
discord-utils-enhanced
1.0.8
npm
discord-utils-enhanced
1.0.9
npm
esign-frontend
85.0.2
npm
ing-ideal-acquiring-shared
15.1.26
npm
ing-util-analytics6
15.1.26
npm
ing-util-analytics6
15.1.27
npm
iwf-ant-design-draggable-modal
0.0.1-security
npm
iwf-ant-design-draggable-modal
1.0.0
npm
iwf-ant-design-draggable-modal
1.1.0
npm
iwf-ant-design-draggable-modal
1.1.10
npm
iwf-ant-design-draggable-modal
1.1.11
npm
iwf-ant-design-draggable-modal
1.1.12
npm
iwf-ant-design-draggable-modal
1.1.13
npm
iwf-ant-design-draggable-modal
1.1.14
npm
iwf-ant-design-draggable-modal
1.1.15
npm
iwf-ant-design-draggable-modal
1.1.1
npm
iwf-ant-design-draggable-modal
1.1.2
npm
iwf-ant-design-draggable-modal
1.1.3
npm
iwf-ant-design-draggable-modal
1.1.4
1-50 of 104
sonatype-2025-004120 | Components Impacted | Sonatype Guide | Sonatype Guide
