Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000580
sonatype-2026-000580
Malicious Packages - Wed Feb 25 2026 [Dropper]
Published Feb 25, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1188.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1204.json
CVSS Score
High
8.7
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
alpha-replicator
0.0.1-security
npm
alpha-replicator
1.4.7
npm
market-pulse
1.4.7
npm
polygon-bitquery-api
0.0.1-security
npm
polygon-bitquery-api
2.2.3
npm
supportgameapp
2.1.3
npm
tailwindcss-form-bundler
1.4.0
npm
tailwindcss-forms-animation
1.2.5
npm
tailwindcss-forms-componentes
1.5.5
npm
tailwindcss-plugin-forms
1.4.0
1-10 of 10
sonatype-2026-000580 | Components Impacted | Sonatype Guide | Sonatype Guide
