Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-004509
sonatype-2025-004509
Malicious Packages - Mon Nov 10 2025 [Info Stealer]
Published Nov 10, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49389.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49391.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49418.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-49453.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-55025.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-55026.json
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
@secretcollect/identity-core
6.0.0
npm
flaresdsdsdsdsd
45.0.0
npm
focusync-custom-controls
100.0.0
npm
focusync-custom-controls
101.1.0
npm
focusync-custom-controls
99.0.0
npm
globby-legacy
0.0.1-security
npm
globby-legacy
20.0.1
npm
jjkrtyugh
1.0.0
npm
karemv1
0.0.1-security
npm
karemv1
1.0.0
npm
karemv1
1.0.11
npm
karemv1
1.0.12
npm
karemv1
1.0.2
npm
karemv1
1.0.3
npm
karemv1
1.0.4
npm
karemv1
1.0.5
npm
karemv1
1.0.7
npm
karemv1
1.0.8
npm
karemv1
1.0.9
npm
kiatu-bolivia
53.17.99
npm
mpesa-backoffice-ekyc-backend
53.17.99
npm
payments-notifications
2.0.1
npm
payouts-report
2.0.0
npm
payouts-report
2.0.1
npm
startupkit-umbraco-webpack
2.0.0
npm
telstraprogrammablenetworkapilib
2.9.1
1-26 of 26
sonatype-2025-004509 | Components Impacted | Sonatype Guide | Sonatype Guide
