Ecosystem	Package	Version

Vulnerabilities

sonatype-2025-007271

sonatype-2025-007271

Malicious Packages - Mon Nov 24 2025 [RCE]

Published Nov 25, 2025

https://help.sonatype.com/en/sonatype-malware-data.html https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-191540.json

CVSS ScoreHigh

8.7

Ecosystem	Package	Version


npm	@shr3k/tdspt-helper	3.2.7
npm	@shr3k/tdspt-helper	3.2.8
npm	@shr3k/tdspt-helper-ng	0.0.1-security
npm	@shr3k/tdspt-helper-ng	1.2.3
npm	@tdsptoptesting/tdsptoptesting-helper	1.2.3

sonatype-2025-007271 | Components Impacted | Sonatype Guide | Sonatype Guide