Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-007382
sonatype-2025-007382
Malicious Packages - Tue Dec 02 2025 [Credential Info Stealer]
Published Dec 2, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192554.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192575.json
CVSS Score
High
7.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
camscanner-seo
0.0.1-security
npm
camscanner-seo
999.0.0
npm
cms_comp
999.0.0
npm
cms_comp
999.0.1
npm
cms_comp
999.0.9
npm
cms_comp_popup
999.0.0
npm
cms_comp_static
999.0.0
npm
cos-js-sdk-v6
999.0.0
npm
ddxq_cms_tools
999.0.0
npm
eslint-config-zoo
999.0.0
npm
fe-cdnpath-transform
999.0.0
npm
jz-ui-user
999.0.0
npm
jz-user-js-bridge
999.0.0
npm
polygon-src
0.0.1-security
npm
polygon-src
1.3.4
npm
polymarket-clob
1.3.1
npm
pp-js-lib
999.0.0
npm
sd-pay
999.0.0
npm
sd-pay-ts
999.0.0
npm
sdbao-content-report
999.0.0
npm
sdbao-content-sems
999.0.0
npm
uba-plugins
999.0.0
1-22 of 22
sonatype-2025-007382 | Components Impacted | Sonatype Guide | Sonatype Guide
