MAL-2025-48637

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/dhemrdhs92009/MAL-2025-48637.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-48637
Published
2025-10-26T19:03:27Z
Modified
2025-12-02T10:09:30.046187Z
Summary
Malicious code in dhemrdhs92009 (npm)
Details

The package dhemrdhs92009 was found to contain malicious code.

-= Per source details. Do not edit below this line.=-

Database specific 
{
    "malicious-packages-origins": [
        {
            "import_time": "2025-12-02T09:09:44.665068144Z",
            "modified_time": "2025-12-01T13:07:41Z",
            "source": "reversing-labs",
            "sha256": "e2c8b4233e753c63eaec8dae360df39ba5b2f827078b1a7f87f1bf1c4d0c2c59",
            "id": "RLMA-2025-05734",
            "versions": [
                "1.250723.10755",
                "1.250723.11344",
                "1.250725.11100",
                "1.250725.11459",
                "1.250801.10752",
                "1.250801.11637",
                "1.250801.11644",
                "1.250817.11442",
                "1.250817.11727",
                "1.250817.11747",
                "1.250817.11810",
                "1.250821.11343",
                "1.250910.11824",
                "1.250917.11521",
                "1.250917.11919",
                "1.250924.11150"
            ]
        }
    ]
}
References
Credits

Affected packages

npm / dhemrdhs92009

Package

Name
dhemrdhs92009
View open source insights on deps.dev
Purl
pkg:npm/dhemrdhs92009

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.250723.10755
1.250723.11344
1.250725.11100
1.250725.11459
1.250801.10752
1.250801.11637
1.250801.11644
1.250817.11442
1.250817.11727
1.250817.11747
1.250817.11810
1.250821.11343
1.250910.11824
1.250917.11521
1.250917.11919
1.250924.11150

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/dhemrdhs92009/MAL-2025-48637.json"