Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000305
sonatype-2026-000305
Malicious Packages - Wed Jan 28 2026 [Info Stealer]
Published Feb 3, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-655.json
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-699.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1149.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-703.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-772.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-783.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-785.json
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
@x-clients/features
3.1.10
npm
@x-clients/features
3.1.7
npm
@x-clients/features
3.1.8
npm
@x-clients/features
3.1.9
npm
adobe_pipeline_test
1.0.0
npm
conp-dats-editor
999.999.990
npm
conp-dats-editor
999.999.991
npm
conp-dats-editor
999.999.992
npm
conp-dats-editor
999.999.999
npm
fixerpabo_jkbts
1.0.0
npm
fixerpabo_jkbts
1.1.0
npm
hackpreinstall
0.0.1-security
npm
hackpreinstall
1.0.0
pypi
pipeline-poision-test
1.0.0
pypi
pipeline-poision-test
1.1.0
pypi
pipeline-poision-test
1.2.0
pypi
pipeline-poision-test
1.4.0
npm
ppe-test
0.0.1
npm
ppe-test
1.0.0
pypi
tokyo-ppe-test
1.0.0
pypi
uploadmsft
0.1
1-21 of 21
sonatype-2026-000305 | Components Impacted | Sonatype Guide | Sonatype Guide
