Ecosystem	Package	Version

Vulnerabilities

sonatype-2026-000052

sonatype-2026-000052

Malicious Packages - Thu Jan 08 2026 [Info Stealer/Host Data]

Published Jan 8, 2026

https://help.sonatype.com/en/sonatype-malware-data.html https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-168.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-192.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-302.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-402.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-403.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-404.json

CVSS ScoreMedium

5.3

Ecosystem	Package	Version


npm	@testfeii/hallo-word	0.0.1-security
npm	@testfeii/hallo-word	0.0.1
npm	@zuora-marketing/linting	5.0.0
npm	@zuora-marketing/linting	5.1.0
npm	@zuora-marketing/linting	6.1.1
npm	not-remix	0.0.1
npm	not-remix	0.0.2
npm	not-remix	9.0.0
npm	s3-cache-handler	0.1.0
npm	vworldviewdir	0.0.1-security
npm	vworldviewdir	1.0.0
npm	worldnormal	0.0.1-security
npm	worldnormal	1.0.0
npm	worldposition	0.0.1-security
npm	worldposition	1.0.0

sonatype-2026-000052 | Components Impacted | Sonatype Guide | Sonatype Guide