Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000546
sonatype-2026-000546
Malicious Packages - Fri Feb 20 2026 [Credential Info Stealer]
Published Feb 20, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-253.json
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-254.json
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-449.json
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-467.json
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-5.json
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-808.json
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-844.json
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-923.json
https://osv-vulnerabilities.storage.googleapis.com/PyPI/MAL-2026-924.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1189.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1190.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1195.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1207.json
CVSS Score
High
7.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
pypi
auto-backup-linux
1.0.1
pypi
auto-backup-linux
1.0.2
pypi
auto-backup-linux
1.0.3
pypi
auto-backup-linux
1.0.4
pypi
auto-backup-linux
1.0.5
pypi
auto-backup-linux
1.0.6
pypi
auto-backup-linux
1.0.7
pypi
auto-backup-macos
1.0.0
pypi
auto-backup-macos
1.0.2
pypi
auto-backup-macos
1.0.3
pypi
auto-backup-macos
1.0.5
pypi
auto-backup-macos
1.0.6
pypi
auto-backup-macos
1.0.7
npm
bmath
0.0.1-security
npm
bmath
1.0.0
npm
bmath
1.0.1
npm
bmath
1.0.2
npm
bmath
1.0.3
npm
bubblemap-bypass-sdk
0.0.1-security
npm
bubblemap-bypass-sdk
1.0.0
npm
bubblemap-bypass-sdk
1.0.1
npm
bubblemap-bypass-sdk
1.0.2
npm
bubblemap-bypass-sdk
1.0.3
npm
bubblemap-bypass-sdk
1.0.4
npm
bubblemap-bypass-sdk
1.0.5
pypi
carcent
2.1.0
pypi
clipcord
1.7.0
pypi
clipcord
1.7.1
pypi
clipcord
1.7.2
npm
consolelofy
0.0.1-security
npm
consolelofy
1.0.0
npm
consolelofy
1.0.1
npm
consolelofy
1.2.7
npm
consolelofy
1.2.8
npm
consolelofy
1.2.9
npm
consolelofy
1.3.0
npm
consolelofy
1.3.1
npm
consolelofy
1.3.2
npm
consolelofy
1.3.3
pypi
dc-social-toolkit
0.1.0
pypi
flask-logger2
2.6.1
pypi
hairest
2.1.0
pypi
hairest
2.3.2
pypi
hairest
2.3.3
pypi
icloud-recovery
0.1.0
pypi
icloud-recovery
0.1.1
pypi
icloud-recovery
0.1.2
pypi
icloud-recovery
0.1.5
pypi
icloud-recovery
0.1.6
pypi
icloud-recovery
0.2.0
1-50 of 84
sonatype-2026-000546 | Components Impacted | Sonatype Guide | Sonatype Guide
