sonatype-2026-000972

Malicious Packages - Fri Mar 06 2026 [Dropper]

Published Mar 6, 2026

CVSS ScoreHigh

8.7

CVE ID: sonatype-2026-000972
CWE: N/A
CVE Description: Malicious Packages - Fri Mar 06 2026 [Dropper]
Published: Mar 6, 2026
CVSS Score & Severity: 8.7High
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score: 0%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: Sonatype
References: https://help.sonatype.com/en/sonatype-malware-data.htmlTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-2160.jsonTHIRD_PARTY

CVE ID: sonatype-2026-000972
CWE: N/A
CVE Description: Malicious Packages - Fri Mar 06 2026 [Dropper]
Published: Mar 6, 2026
CVSS Score & Severity: 8.7High
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score: 0%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: Sonatype
References: https://help.sonatype.com/en/sonatype-malware-data.htmlTHIRD_PARTY
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-2160.jsonTHIRD_PARTY

Find vulnerabilities. Fix fast with AI.