Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000554
sonatype-2026-000554
Malicious Packages - Mon Feb 23 2026 [Info Stealer]
Published Feb 23, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-987.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-991.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-992.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-993.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-994.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-995.json
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
vl-ui-accessibility
1.0.0
npm
vl-ui-accessibility
99.99.1
npm
vl-ui-action-group
1.0.0
npm
vl-ui-action-group
10.1.1
npm
vl-ui-alert
1.0.0
npm
vl-ui-alert
99.99.1
npm
vl-ui-alert
99.99.2
npm
vl-ui-body
1.0.4
npm
vl-ui-body
10.1.1
npm
vl-ui-breadcrumb
1.0.0
npm
vl-ui-breadcrumb
10.1.1
npm
vl-ui-button
1.0.0
npm
vl-ui-button
10.1.1
npm
vl-ui-checkbox
1.0.0
npm
vl-ui-checkbox
10.1.1
npm
vl-ui-code-preview
1.0.0
npm
vl-ui-code-preview
10.1.1
npm
vl-ui-contact-card
1.0.0
npm
vl-ui-contact-card
10.1.1
1-19 of 19
sonatype-2026-000554 | Components Impacted | Sonatype Guide | Sonatype Guide
