Ecosystem	Package	Version

Vulnerabilities

sonatype-2026-000239

sonatype-2026-000239

graphflowx - Mon Jan 26 2026 [Dropper] [Lazarus]

Published Jan 26, 2026

https://help.sonatype.com/en/sonatype-malware-data.html https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-834.json

CVSS ScoreHigh

8.7

Ecosystem	Package	Version


npm	graphflowx	0.0.1-security
npm	graphflowx	1.0.0
npm	graphflowx	1.0.1
npm	graphflowx	1.0.2
npm	graphflowx	1.0.3

sonatype-2026-000239 | Components Impacted | Sonatype Guide | Sonatype Guide