Ecosystem	Package	Version

Vulnerabilities

sonatype-2025-004308

sonatype-2025-004308

Malicious Packages - Tue Oct 28 2025 [RCE]

Published Oct 28, 2025

https://help.sonatype.com/en/sonatype-malware-data.html https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-48913.json

CVSS ScoreHigh

8.7

Ecosystem	Package	Version


npm	sreadmin-base	0.0.1-security
npm	sreadmin-base	1.1.1
npm	sreadmin-base	2.1.1
npm	sreadmin-base	4.1.1
npm	sreadmin-base	5.1.1
npm	sreadmin-base	6.1.1
npm	sreadmin-base	7.1.1

sonatype-2025-004308 | Components Impacted | Sonatype Guide | Sonatype Guide