Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-007464
sonatype-2025-007464
Malicious Packages - Mon Dec 08 2025 [Credential Info Stealer]
Published Dec 8, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192377.json
CVSS Score
High
7.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
gs-uitk-lodash
33.3.3
npm
gs-uitk-lodash
35.3.3
npm
gs-uitk-lodash
35.5.5
npm
gs-uitk-lodash
35.9.9
npm
gs-uitk-lodash
36.0.0
npm
tnactgfds
0.0.1-security
npm
tnactgfds
0.30.10
npm
tnactgfds
0.30.11
npm
tnactgfds
0.30.12
npm
tnactgfds
0.30.13
npm
tnactgfds
0.30.1
npm
tnactgfds
0.30.2
npm
tnactgfds
0.30.3
npm
tnactgfds
0.30.5
npm
tnactgfds
0.30.7
npm
tnactgfds
0.30.8
npm
tnactgfds
0.35.1
1-17 of 17
sonatype-2025-007464 | Components Impacted | Sonatype Guide | Sonatype Guide
