Ecosystem	Package	Version

Vulnerabilities

sonatype-2026-000622

sonatype-2026-000622

Malicious Packages - Fri Feb 27 2026 [Info Stealer]

Published Feb 27, 2026

https://help.sonatype.com/en/sonatype-malware-data.html https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1059.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1061.json

CVSS ScoreMedium

5.3

Ecosystem	Package	Version


npm	azurestack-common	1.0.0
npm	azurestack-common	1.0.1
npm	azurestack-common	1.0.2
npm	codeanalysis-common	1.0.0
npm	codeanalysis-common	1.0.1
npm	codeanalysis-common	1.0.2
npm	codecoverage-tools	1.0.0
npm	codecoverage-tools	1.0.1
npm	codecoverage-tools	1.0.2
npm	codecoverage-tools	1.0.3
npm	naughty-package	1.0.1
npm	newman-reporter-genuinepoc	1.0.0
npm	newman-reporter-genuinepoc	1.0.1
npm	nuget-task-common	1.0.0
npm	nuget-task-common	1.0.1
npm	nuget-task-common	1.0.2
npm	nuget-task-common	1.0.3
npm	nuget-task-common	1.0.4
npm	securefiles-common	1.0.0
npm	securefiles-common	1.0.1
npm	securefiles-common	1.0.3
npm	ssh-common	1.0.0
npm	ssh-common	1.0.1
npm	ssh-common	1.0.2

sonatype-2026-000622 | Components Impacted | Sonatype Guide | Sonatype Guide