Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000558
sonatype-2026-000558
Malicious Packages - Mon Feb 23 2026 [Credential Info Stealer]
Published Feb 23, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1032.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1100.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-978.json
CVSS Score
High
7.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
microsoft-cms-client
0.0.1-security
npm
microsoft-cms-client
0.0.999
npm
microsoft-cms-client
99.0.0
npm
microsoft-cms-client
99.1.0
npm
microsoft-cms-client
999.0.0
npm
ng-vzbootstrap
0.0.1-security
npm
ng-vzbootstrap
1.0.0
npm
ng-vzbootstrap
1.0.1
npm
ng-vzbootstrap
1.0.2
npm
ng-vzbootstrap
1.0.3
npm
sample-custom-component
0.0.1-security
npm
sample-custom-component
0.0.1
npm
sample-custom-component
10.0.0
npm
sniper-react-component
1.0.0
npm
sniper-react-component
1.0.1
npm
sniper-react-component
1.0.2
1-16 of 16
sonatype-2026-000558 | Components Impacted | Sonatype Guide | Sonatype Guide
