Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
sonatype-2025-004963 | Security Details | Sonatype Guide | Sonatype Guide
Vulnerabilities
sonatype-2025-004963
sonatype-2025-004963
NPM Security Holding Packages - Thu Nov 13 2025
Published Nov 13, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-102091.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-109799.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-118543.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-118945.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-119068.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-119723.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-119731.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-126969.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-127247.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-127332.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-129679.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-133487.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-137100.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-62901.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-63989.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64110.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-65287.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-66186.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-83348.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-88322.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-90767.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-92665.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-99697.json
CVSS Score
Critical
10.0
Security Details
Security Details
Components Impacted
Components Impacted
Sonatype Research
Sonatype Research
sonatype-2025-004963 Security Details
CVE ID
sonatype-2025-004963
CWE
N/A
CVE Description
NPM Security Holding Packages - Thu Nov 13 2025
Published
Nov 13, 2025
CVSS Score & Severity
10.0
Critical
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
0%
Malware
malware
KEV Status
Not in KEV Catalog: No known exploits
Affected Ecosystems
affected
Source
Sonatype
References
https://help.sonatype.com/en/sonatype-malware-data.html
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-102091.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-109799.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-118543.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-118945.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-119068.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-119723.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-119731.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-126969.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-127247.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-127332.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-129679.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-133487.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-137100.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-62901.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-63989.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64110.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-65287.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-66186.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-83348.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-88322.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-90767.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-92665.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-99697.json
THIRD_PARTY
