Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2026-000636
sonatype-2026-000636
Malicious Packages - Mon Mar 02 2026 [Info Stealer]
Published Mar 2, 2026
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1081.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1095.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1096.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1221.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-1227.json
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
gaia-marionette
1.0.1
npm
gaia-marionette
1.0.2
npm
gaia-marionette
1.0.3
npm
jquery-display
9.9.9
npm
jquery-display
99.9.9
npm
jsx-import-test
1.0.1
npm
mangeshhackerhai
1.0.1
npm
marionette-react-view
0.0.1-security
npm
marionette-react-view
9.999.0
npm
marionette-react-view
9.999.1
npm
marionette-react-view
9.999.2
npm
native_dep
1.0.1
npm
sketch-measure
99.9.9
npm
sketch-measure
991.9.9
npm
xrpl-dev-portal
0.0.1-security
npm
xrpl-dev-portal
1.0.0
npm
xrpl-dev-portal
1.0.1
npm
xrpl-dev-portal
1.0.2
npm
xrpl-dev-portal
1.0.3
1-19 of 19
sonatype-2026-000636 | Components Impacted | Sonatype Guide | Sonatype Guide
