Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000569
sonatype-2026-000569
Malicious Packages - Tue Feb 24 2026 [Lazarus] [Dropper]
Published Feb 24, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
CVSS Score
High
8.7
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
argon-node
3.5.7
npm
argon-web3-chain
2.4.5
npm
argonnode
2.4.5
npm
chai-await
2.4.5
npm
chai-await-cli
2.3.5
npm
chai-chain-argon
3.5.7
npm
chai-chain-cognivault
2.3.5
npm
chai-chain-neurograde
2.3.5
npm
chai-chain-sinon
2.4.5
npm
chai-cli
2.4.5
npm
chai-cli-async
3.3.5
npm
chai-cli-await
2.4.5
npm
chai-cli-sinon
2.4.5
npm
chai-promised-plugin
2.3.5
npm
chain-argon
2.4.5
npm
chain-cli-promised
2.3.5
npm
chain-cognivault
2.3.5
npm
chain-coremesh
2.3.5
npm
chain-multer
3.5.7
npm
chain-neurograde
2.4.7
npm
chain-promised
2.3.5
npm
chain-promised-async
3.5.5
npm
chain-promised-await
3.5.5
npm
chain-promised-cli
3.3.5
npm
chain-test-await
2.5.5
npm
dotenv-cli-node
2.4.5
npm
dotenv-int
3.5.5
npm
dotenv-node-cli
3.3.5
npm
dotenv-node-promised
2.3.5
npm
dotenv-plugin
2.3.5
npm
dotenv-promised
2.3.5
npm
dotenv-xtend
2.5.5
npm
dotenvx-int
3.5.5
npm
dotenvx-node-cli
2.4.5
npm
env-extend
2.5.5
npm
node-argon
2.4.5
npm
node-cli-dotenv
2.4.5
npm
node-cognivault
2.3.5
npm
node-coremesh
2.3.5
npm
node-dotenv-cli
2.4.5
npm
node-multer
3.5.7
npm
node-neurograde
2.4.7
npm
nodecognivault
2.3.5
npm
nodeneurograde
2.3.5
npm
shield-node
2.4.5
npm
sinon-node
2.4.5
npm
sinon-web3-chain
2.4.5
npm
web3-chain-sinon
3.5.7
npm
web3-sinon
3.3.5
1-49 of 49
sonatype-2026-000569 | Components Impacted | Sonatype Guide | Sonatype Guide
