Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000189
sonatype-2026-000189
NPM Security Holding Packages - Tue Jan 20 2026
Published Jan 20, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-353.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-354.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-358.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-359.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-360.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-361.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-362.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-363.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-364.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-365.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-367.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-370.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-374.json
CVSS Score
Critical
10.0
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
advanced-svg-fetcher
0.0.1-security
npm
advanced-svg-fetcher
1.0.0
npm
advanced-svg-fetcher
1.1.0
npm
advanced-svg-fetcher
1.1.1
npm
astris.js
0.0.1-security
npm
astris.js
0.0.1
npm
dot-env-buffer
0.0.1-security
npm
dot-env-buffer
1.0.0
npm
dreame-claude
0.0.1-security
npm
dreame-claude
1.1.0
npm
dreame-claude
1.1.1
npm
dreame-claude
1.1.2
npm
dreame-claude
1.1.3
npm
dreame-claude
1.1.4
npm
dreame-claude
1.1.5
npm
dreame-claude
1.1.6
npm
dreame-claude
1.1.7
npm
dreame-claude
1.1.8
npm
dreame-claude
1.1.9
npm
dreame-claude
1.2.0
npm
dreame-claude
1.2.10
npm
dreame-claude
1.2.11
npm
dreame-claude
1.2.12
npm
dreame-claude
1.2.13
npm
dreame-claude
1.2.14
npm
dreame-claude
1.2.15
npm
dreame-claude
1.2.16
npm
dreame-claude
1.2.1
npm
dreame-claude
1.2.2
npm
dreame-claude
1.2.3
npm
dreame-claude
1.2.4
npm
dreame-claude
1.2.5
npm
dreame-claude
1.2.6
npm
dreame-claude
1.2.7
npm
dreame-claude
1.2.8
npm
dreame-claude
1.2.9
npm
dux-portal
0.0.1-security
npm
dux-portal
1.0.0
npm
excel-to-json-test
0.0.1-security
npm
excel-to-json-test
0.9.9
npm
excel-to-json-test
1.9.9
npm
excel-to-json-test
2.9.9
npm
excel-to-json-test
3.9.9
npm
excel-to-json-test
4.9.9
npm
excel-to-json-test
5.9.9
npm
excel-to-json-test
6.9.9
npm
excel-to-json-test
7.9.9
npm
excel-to-json-test
8.9.9
npm
excel-to-json-test
9.9.9
npm
gu-global-ec-uikit
0.0.1-security
1-50 of 112
sonatype-2026-000189 | Components Impacted | Sonatype Guide | Sonatype Guide
