Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
sonatype-2025-005142 | Security Details | Sonatype Guide | Sonatype Guide
Vulnerabilities
sonatype-2025-005142
sonatype-2025-005142
NPM Security Holding Packages - Thu Nov 13 2025
Published Nov 13, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-103395.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-113749.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-114082.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-114825.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-119001.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-124586.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-130976.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-132110.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-132206.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-133072.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-133801.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-135715.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-50877.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-57473.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64994.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-65375.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-74708.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-76368.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-77100.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-80230.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-80353.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-87422.json
CVSS Score
Critical
10.0
Security Details
Security Details
Components Impacted
Components Impacted
Sonatype Research
Sonatype Research
sonatype-2025-005142 Security Details
CVE ID
sonatype-2025-005142
CWE
N/A
CVE Description
NPM Security Holding Packages - Thu Nov 13 2025
Published
Nov 13, 2025
CVSS Score & Severity
10.0
Critical
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
0%
Malware
malware
KEV Status
Not in KEV Catalog: No known exploits
Affected Ecosystems
affected
Source
Sonatype
References
https://help.sonatype.com/en/sonatype-malware-data.html
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-103395.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-113749.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-114082.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-114825.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-119001.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-124586.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-130976.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-132110.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-132206.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-133072.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-133801.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-135715.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-50877.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-57473.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-64994.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-65375.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-74708.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-76368.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-77100.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-80230.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-80353.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-87422.json
THIRD_PARTY
