Components Vulnerabilities Pricing MCP API

Find vulnerabilities. Fix fast with AI.

Search components by package, version, or CVE to get started.

sonatype-2025-005070 | Security Details | Sonatype Guide | Sonatype Guide

Vulnerabilities

sonatype-2025-005070

sonatype-2025-005070

NPM Security Holding Packages - Thu Nov 13 2025

Published Nov 13, 2025

https://help.sonatype.com/en/sonatype-malware-data.html https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-129674.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-130305.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-130525.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-130526.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-132390.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-132706.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-132876.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-134663.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-134796.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-135240.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-136454.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-137236.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-137809.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-138294.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-62552.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-62971.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-63794.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64026.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64144.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64542.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64679.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64705.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-65483.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-83781.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-89480.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-90778.json

CVSS ScoreCritical

10.0

sonatype-2025-005070 Security Details

CVE ID: sonatype-2025-005070
CWE: N/A
CVE Description: NPM Security Holding Packages - Thu Nov 13 2025
Published: Nov 13, 2025
CVSS Score & Severity: 10.0Critical
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score: 0%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: Sonatype
References: https://help.sonatype.com/en/sonatype-malware-data.htmlTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-129674.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-130305.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-130525.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-130526.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-132390.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-132706.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-132876.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-134663.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-134796.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-135240.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-136454.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-137236.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-137809.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-138294.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-62552.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-62971.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-63794.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64026.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64144.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64542.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64679.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64705.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-65483.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-83781.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-89480.jsonTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-90778.jsonTHIRD_PARTY