Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000309
sonatype-2026-000309
Malicious Packages - Wed Jan 28 2026 [Dropper]
Published Feb 3, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-751.json
CVSS Score
High
8.7
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
carbon-mac-copy-cloner
1.1.0
npm
carbon-mac-copy-cloner
1.1.10
npm
carbon-mac-copy-cloner
1.1.1
npm
carbon-mac-copy-cloner
1.1.2
npm
carbon-mac-copy-cloner
1.1.3
npm
carbon-mac-copy-cloner
1.1.4
npm
carbon-mac-copy-cloner
1.1.5
npm
carbon-mac-copy-cloner
1.1.6
npm
carbon-mac-copy-cloner
1.1.7
npm
carbon-mac-copy-cloner
1.1.8
npm
carbon-mac-copy-cloner
1.1.9
npm
carbon-mac-copy-cloner
1.2.1
npm
carbon-mac-copys-cloner
1.2.2
npm
express_update
0.0.1-security
npm
express_update
5.2.1
npm
express_update
5.2.2
npm
express_update
5.2.4
npm
mongooose_update
9.1.7
npm
mongooose_updated
9.1.7
npm
ongose
9.1.7
npm
react-performance-suite
2.0.0
npm
react-performance-suite
2.0.1
npm
react-sdkk
1.1.55
npm
reactt-sdkk
1.1.55
npm
rreact-sdk
1.1.55
1-25 of 25
sonatype-2026-000309 | Components Impacted | Sonatype Guide | Sonatype Guide
