Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000109
sonatype-2026-000109
Malicious Packages - Tue Jan 13 2026 [Info Stealer /Host Data]
Published Jan 13, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-190.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-208.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-211.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-259.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-260.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-261.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-262.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-263.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-265.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-266.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-315.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-316.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-527.json
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
@bingads-webui-help/apex.core.v3.min
99.9.9
npm
@gwp-gtmt-components/event-listener
0.0.1-security
npm
@gwp-gtmt-components/event-listener
77.7.7
npm
@gwp-gtmt-components/event-listener
88.8.8
npm
@riag-libs/pattern-library-react-hooks
0.0.1-security
npm
@riag-libs/pattern-library-react-hooks
0.0.1
npm
@riag-libs/pattern-library-react-hooks
99.99.99
npm
@riag-libs/pattern-library-react-hooks
99.99.9
npm
@santandergroup-uk/edgehome-components
0.0.1-security
npm
@santandergroup-uk/edgehome-components
0.0.1
npm
@santandergroup-uk/edgehome-components
99.99.99
npm
@santandergroup-uk/edgehome-components
99.99.9
npm
@servicepoint/vue-project
0.0.1-security
npm
@servicepoint/vue-project
0.0.1
npm
@servicepoint/vue-project
99.99.9
npm
@spx-delivery/react
0.0.1-security
npm
@spx-delivery/react
0.0.1
npm
@spx-delivery/react
99.99.9
npm
@spx-smartsorting/vue
0.0.1-security
npm
@spx-smartsorting/vue
0.0.1
npm
@spx-smartsorting/vue
99.99.9
npm
@spx-workforceops/shared-vue
0.0.1-security
npm
@spx-workforceops/shared-vue
1.0.0
npm
@spx-workforceops/shared-vue
99.99.9
npm
@wb-team/uikit-myteam-web
0.0.1-security
npm
@wb-team/uikit-myteam-web
0.0.1
npm
@wb-team/uikit-myteam-web
99.9.9
npm
@wb-team/uikit-myteam-web
99.99.10
npm
@wb-team/uikit-myteam-web
99.99.9
npm
@wbgo/shared
0.0.1-security
npm
@wbgo/shared
0.0.1
npm
@wbgo/shared
99.9.10
npm
@wbgo/shared
99.99.10
npm
@wbgo/shared
99.99.9
npm
@workleap-widgets/client
0.0.1-security
npm
@workleap-widgets/client
100.0.0
npm
@workleap-widgets/client
100.1.1
npm
@workleap-widgets/client
77.7.7
npm
@workleap-widgets/client
88.8.8
npm
@workleap-widgets/client
99.9.9
npm
chromecast-receiver
2.0.10
npm
chromecast-receiver
2.0.9
npm
company-billing-sdk-bugbounty
99.99.99
npm
conmiyagi-map
0.0.1-security
npm
conmiyagi-map
0.0.1
npm
ersagent-frontend
9.5.5
npm
tailwind-merge-v2
0.0.1-security
npm
tailwind-merge-v2
99.99.1
npm
tailwind-merge-v3
0.0.1-security
npm
tailwind-merge-v3
99.99.1
1-50 of 50
sonatype-2026-000109 | Components Impacted | Sonatype Guide | Sonatype Guide
