Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-004440
sonatype-2025-004440
Malicious Packages - Wed Nov 05 2025 [Credential Info Stealer]
Published Nov 6, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49419.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49427.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49428.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49441.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49443.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49446.json
CVSS Score
High
7.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
libxmljs2superbank
0.30.2
npm
libxmljs2superbank
0.30.4
npm
libxmljs2superbank
0.31.0
npm
libxmljs2superbank
0.31.1
npm
libxmljs2superbank
999.0.0
npm
otetoparserlparser
0.30.1
npm
otetoparserlparser
0.30.3
npm
otetoparserlparser
0.30.4
npm
otetoparserlparser
0.30.5
npm
otetot
0.30.1
npm
otetotvot
0.30.1
npm
otetotvot
0.30.2
npm
superbankxmlparser
0.30.2
npm
superbankxmlparser
0.30.4
npm
superbankxmlparser
0.31.2
npm
superbankxmlparser
0.31.3
npm
supervot
0.30.1
npm
supervot2
0.30.1
npm
supervot4
0.30.1
npm
supxmlparser
0.30.1
npm
supxmlparser
0.30.2
npm
xmljs2bank
0.30.2
1-22 of 22
sonatype-2025-004440 | Components Impacted | Sonatype Guide | Sonatype Guide
