Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000506
sonatype-2026-000506
Malicious Packages - Thu Feb 19 2026 [Credential Info Stealer]
Published Feb 19, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-939.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-999.json
CVSS Score
High
7.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
ably-forks
0.0.1-security
npm
ably-forks
1.0.0
npm
ably-forks
1.0.1
npm
react-dropzone-truffle
0.0.1-security
npm
react-dropzone-truffle
100.11.9
npm
react-dropzone-truffle
100.12.0
npm
react-dropzone-truffle
100.12.5
npm
react-dropzone-truffle
100.13.5
npm
react-dropzone-truffle
100.19.5
npm
react-dropzone-truffle
100.21.9
npm
react-dropzone-truffle
100.22.9
npm
react-dropzone-truffle
100.25.9
npm
react-dropzone-truffle
100.27.9
npm
react-dropzone-truffle
100.5.0
npm
react-dropzone-truffle
100.6.9
npm
react-dropzone-truffle
20.0.0
npm
react-dropzone-truffle
20.1.1
npm
react-dropzone-truffle
20.5.0
npm
react-dropzone-truffle
20.5.1
npm
react-dropzone-truffle
99.99.9
1-20 of 20
sonatype-2026-000506 | Components Impacted | Sonatype Guide | Sonatype Guide
