Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000427
sonatype-2026-000427
Malicious Packages - Mon Feb 16 2026 [Credential Info Stealer]
Published Feb 16, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-871.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-908.json
CVSS Score
High
7.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
@cewe-onsitesearch/schemas
100.0.0
npm
@cewe-onsitesearch/schemas
99.0.0
npm
@cewe-onsitesearch/schemas
99.0.1
npm
@legacy-components/core
100.0.0
npm
@legacy-ui/core
100.0.0
npm
@legacy-utils/core
100.0.0
npm
@tl-icons/core
100.0.0
npm
adobe-tracking
100.0.0
npm
advertising-events
99.0.0
npm
advertising-events
99.0.1
npm
advertising-events
99.0.2
npm
advertising-podlet
99.0.0
npm
advertising-podlet
99.0.1
npm
advertising-podlet
99.0.2
npm
advertising-shared
99.0.0
npm
advertising-shared
99.0.1
npm
advertising-shared
99.0.2
npm
backstage-plugin-wpe-catalog
100.0.0
npm
braze-content-card-island
99.0.0
npm
braze-content-card-island
99.0.1
npm
braze-content-card-island
99.0.2
npm
cms-contentful
100.0.0
npm
constant-values
100.0.0
npm
dpc-sign
100.0.0
npm
envoy1
0.0.1-security
npm
envoy1
1.0.0
npm
envoy1
1.0.10
npm
envoy1
1.0.11
npm
envoy1
1.0.12
npm
envoy1
1.0.13
npm
envoy1
1.0.14
npm
envoy1
1.0.15
npm
envoy1
1.0.16
npm
envoy1
1.0.17
npm
envoy1
1.0.1
npm
envoy1
1.0.2
npm
envoy1
1.0.3
npm
envoy1
1.0.4
npm
envoy1
1.0.5
npm
envoy1
1.0.6
npm
envoy1
1.0.7
npm
envoy1
1.0.8
npm
envoy1
1.0.9
npm
fhir.base.template
1.0.0
npm
hops-preset-jest
0.0.1-security
npm
hops-preset-jest
1.0.0
npm
integration-icons
100.0.0
npm
internal-api-insights
100.0.0
npm
legacy-shared-frontend
100.0.0
npm
loyalty-card
100.0.0
1-50 of 61
sonatype-2026-000427 | Components Impacted | Sonatype Guide | Sonatype Guide
