Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-007427
sonatype-2025-007427
Malicious Packages - Thu Dec 04 2025 [Info Stealer]
Published Dec 4, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192244.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192246.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192348.json
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
@bhyolken/echotest
1.0.0
npm
@bhyolken/echotest
1.0.1
npm
@bhyolken/echotest
1.1.0
npm
@bhyolken/echotest
1.3.0
npm
@bhyolken/echotest
1.4.0
npm
hast-util-to-mdast9
0.0.1-security
npm
hast-util-to-mdast9
9.0.0
npm
phx-core1
8.0.0
npm
phx-core2
8.0.0
npm
phx-core3
8.0.0
npm
phx-core3
8.0.1
npm
phx-core4
8.0.0
npm
phx-core5
8.0.0
npm
remark-parse10
0.0.1-security
npm
remark-parse10
10.0.0
npm
remark-parse10
10.0.2
npm
sd-notexsit
999.0.0
npm
sd-notexsit
999.0.1
npm
sd-notexsit
999.0.22
npm
sd-notexsit
999.0.2
npm
sd-notexsit
999.0.3
npm
sd-notexsit
999.0.41
npm
sd-notexsit
999.0.42
npm
sd-notexsit
999.0.4
npm
vault-watcher
8.0.0
1-25 of 25
sonatype-2025-007427 | Components Impacted | Sonatype Guide | Sonatype Guide
