MAL-2025-6829

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/tensorflowjs/MAL-2025-6829.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-6829
Aliases
  • SNYK-JS-TENSORFLOWJS-12670374
Published
2025-08-12T17:09:51Z
Modified
2026-03-19T12:48:46.640499Z
Summary
Malicious code in tensorflowjs (npm)
Details

Package is malicious due to code obfuscation, arbitrary command execution via child_process.spawn, and suspicious postinstall script.

-= Per source details. Do not edit below this line.=-

Database specific 
{
    "malicious-packages-origins": [
        {
            "id": "RLMA-2025-04703",
            "import_time": "2025-08-29T06:42:38.279293777Z",
            "sha256": "c0e2d4e742598129f3703c03a304e085e99295fbc5169b3e16902dd3dc33692a",
            "source": "reversing-labs",
            "modified_time": "2025-08-28T07:41:48Z",
            "versions": [
                "0.6.8",
                "0.6.9",
                "0.7.0"
            ]
        },
        {
            "id": "RLUA-2026-01612",
            "import_time": "2026-03-19T12:21:01.621411892Z",
            "sha256": "54ed4038fbe5eee9ed09656abbbf1fb00e7562462d99b9ff872c779b2cd8d53e",
            "source": "reversing-labs",
            "modified_time": "2026-03-18T13:12:22Z"
        }
    ]
}
References
Credits

Affected packages

npm / tensorflowjs

Package

Name
tensorflowjs
View open source insights on deps.dev
Purl
pkg:npm/tensorflowjs

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.6.8
0.6.9
0.7.0

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/tensorflowjs/MAL-2025-6829.json"