Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
sonatype-2025-005758 | Security Details | Sonatype Guide | Sonatype Guide
Vulnerabilities
sonatype-2025-005758
sonatype-2025-005758
NPM Security Holding Packages - Fri Nov 14 2025
Published Nov 14, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-102531.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-104676.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-105226.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-105542.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-139099.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-66971.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67162.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67394.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67431.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67665.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67670.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67989.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-68086.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-68182.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-68579.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69172.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69305.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69443.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69500.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69571.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69608.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69680.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-70501.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-70986.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-71451.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-71519.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-71525.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-71564.json
CVSS Score
Critical
10.0
Security Details
Security Details
Components Impacted
Components Impacted
Sonatype Research
Sonatype Research
sonatype-2025-005758 Security Details
CVE ID
sonatype-2025-005758
CWE
N/A
CVE Description
NPM Security Holding Packages - Fri Nov 14 2025
Published
Nov 14, 2025
CVSS Score & Severity
10.0
Critical
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
0%
Malware
malware
KEV Status
Not in KEV Catalog: No known exploits
Affected Ecosystems
affected
Source
Sonatype
References
https://help.sonatype.com/en/sonatype-malware-data.html
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-102531.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-104676.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-105226.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-105542.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-139099.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-66971.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67162.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67394.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67431.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67665.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67670.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-67989.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-68086.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-68182.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-68579.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69172.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69305.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69443.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69500.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69571.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69608.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-69680.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-70501.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-70986.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-71451.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-71519.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-71525.json
THIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-71564.json
THIRD_PARTY
