Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000416
sonatype-2026-000416
Malicious Packages - Thu Feb 12 2026 [Credential Info Stealer]
Published Feb 12, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-871.json
CVSS Score
High
7.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
browser-compat-data
0.0.1
npm
browser-compat-data
8.0.11
npm
charswap
7.2.7
npm
dotjsenv
1.1.7
npm
dotnetenv
1.1.7
npm
envoy1
0.0.1-security
npm
envoy1
1.0.0
npm
envoy1
1.0.10
npm
envoy1
1.0.11
npm
envoy1
1.0.12
npm
envoy1
1.0.13
npm
envoy1
1.0.14
npm
envoy1
1.0.15
npm
envoy1
1.0.16
npm
envoy1
1.0.17
npm
envoy1
1.0.1
npm
envoy1
1.0.2
npm
envoy1
1.0.3
npm
envoy1
1.0.4
npm
envoy1
1.0.5
npm
envoy1
1.0.6
npm
envoy1
1.0.7
npm
envoy1
1.0.8
npm
envoy1
1.0.9
npm
js-coauth
7.2.7
npm
js-copack
1.1.7
npm
js-copack
1.1.8
npm
js-copack
7.2.7
npm
js-cotype
4.1.4
npm
js-multer
5.1.7
npm
js-nodecat
1.0.7
npm
js-repack
5.1.0
npm
js-unpack
1.1.7
npm
js-unpack
1.1.8
npm
js-uponcaps
7.2.7
npm
json-getin
7.2.7
npm
json-oauth
7.2.7
npm
json-prop
2.0.7
npm
json-ptype
1.1.7
npm
json-swap
7.2.7
npm
jsonauth
7.2.7
npm
jsonauthcap
7.2.7
npm
jsonauto
5.1.0
npm
jsoncap
5.1.0
npm
jsonrecap
3.1.8
npm
jsonretype
7.2.7
npm
jsonretype
7.2.8
npm
jsonretype
7.2.9
npm
jsonucap
5.1.0
npm
jsonupon
7.2.7
1-50 of 64
sonatype-2026-000416 | Components Impacted | Sonatype Guide | Sonatype Guide
