Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-004149
sonatype-2025-004149
Malicious Packages - Tue Oct 14 2025 [Dropper] [Lazarus]
Published Oct 15, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
CVSS Score
High
8.7
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
graphflux
0.0.7
npm
graphflux
0.0.8
npm
graphflux
0.0.9
npm
graphnet
0.0.1-security
npm
graphnet
0.0.1
npm
graphnet
0.0.2
npm
graphnet
0.0.3
npm
graphnet
0.0.4
npm
graphnet
0.0.5
npm
graphnet
0.0.6
npm
graphnet
0.0.7
npm
graphnet
0.0.8
npm
graphorbit
0.0.2
1-13 of 13
sonatype-2025-004149 | Components Impacted | Sonatype Guide | Sonatype Guide
