Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000585
sonatype-2026-000585
Malicious Packages - Wed Feb 25 2026 [Lazarus] [Dropper]
Published Feb 25, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
CVSS Score
High
8.7
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
jsonify-bundler
4.3.10
npm
jsonify-bundler
4.3.11
npm
jsonify-bundler
4.3.12
npm
jsonify-bundler
4.3.13
npm
jsonify-bundler
4.3.14
npm
jsonify-bundler
4.3.15
npm
jsonify-bundler
4.3.16
npm
jsonify-bundler
4.3.17
npm
jsonify-bundler
4.3.18
npm
jsonify-bundler
4.3.19
npm
jsonify-bundler
4.3.20
npm
jsonify-bundler
4.3.21
npm
jsonify-bundler
4.3.9
1-13 of 13
sonatype-2026-000585 | Components Impacted | Sonatype Guide | Sonatype Guide
