Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000144
sonatype-2026-000144
Malicious Packages - Wed Jan 14 2026 [Info Stealer /Host Data]
Published Jan 14, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-257.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-258.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-311.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-349.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-372.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-373.json
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
lj-wp
1.0.9
npm
silvermine
0.0.1-security
npm
silvermine
99.99.1
npm
sparkling-router
0.0.1-security
npm
sparkling-router
0.0.1
npm
tutor_table
0.0.1-security
npm
tutor_table
2.0.0
npm
tutor_table
3.0.0
npm
webmd-cookie
0.0.1-security
npm
webmd-cookie
66.6.6
npm
webmd-cookie
77.7.7
npm
webmd-debug
0.0.1-security
npm
webmd-debug
77.7.7
npm
webmd-debug
78.7.7
npm
webmd-page-common
0.0.1-security
npm
webmd-page-common
77.7.7
npm
webmd-page-common
78.7.7
1-17 of 17
sonatype-2026-000144 | Components Impacted | Sonatype Guide | Sonatype Guide
