Ecosystem	Package	Version

Vulnerabilities

sonatype-2026-000112

sonatype-2026-000112

Malicious Packages - Tue Jan 13 2026 [Credential Info Stealer /Source Code Files / Credentials]

Published Jan 13, 2026

https://help.sonatype.com/en/sonatype-malware-data.html https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-530.json

CVSS ScoreHigh

7.1

Ecosystem	Package	Version


npm	grepleaks	0.0.1-security
npm	grepleaks	1.0.1
npm	grepleaks	1.0.2
npm	grepleaks	1.0.3
npm	grepleaks	1.0.4
npm	grepleaks	1.1.0
npm	grepleaks	1.2.0
npm	grepleaks	1.2.1
npm	grepleaks	1.2.2
npm	grepleaks	1.2.3
npm	grepleaks	1.2.4
npm	grepleaks	1.2.5
npm	grepleaks	1.3.0
npm	grepleaks	1.3.1
npm	grepleaks	1.3.2
npm	grepleaks	1.3.3
npm	grepleaks	1.3.4
npm	grepleaks	1.3.6
npm	grepleaks	1.3.7
npm	grepleaks	1.3.8
npm	grepleaks	1.4.0
npm	grepleaks	1.4.1
npm	grepleaks	1.4.2
npm	grepleaks	1.4.3
npm	grepleaks	1.4.4
npm	grepleaks	1.4.5
npm	grepleaks	1.4.6
npm	grepleaks	1.4.7
npm	grepleaks	1.4.8
npm	grepleaks	1.4.9
npm	grepleaks	1.5.0
npm	grepleaks	1.5.1
npm	grepleaks	1.5.2
npm	grepleaks	1.5.3
npm	grepleaks	1.5.4
npm	grepleaks	1.5.5
npm	grepleaks	1.5.6
npm	grepleaks	1.5.7
npm	grepleaks	1.5.8
npm	grepleaks	1.5.9
npm	grepleaks	1.6.0
npm	grepleaks	1.6.1
npm	grepleaks	1.7.0
npm	grepleaks	1.7.1
npm	grepleaks	1.7.2
npm	grepleaks	1.7.3
npm	grepleaks	1.8.0
npm	grepleaks	1.8.1

sonatype-2026-000112 | Components Impacted | Sonatype Guide | Sonatype Guide