MAL-2026-10134

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/stella-coder/MAL-2026-10134.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-10134
Published
2026-07-10T15:59:07Z
Modified
2026-07-10T16:32:00.273977699Z
Summary
Malicious code in stella-coder (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (f0c3ed879ef15a68d537ad7b6ddb59508aba58eee49c8ca19b916ef59a0c2da6)

stella-cli/telegram-bot.mjs hardcodes a Telegram bot API token (BOTTOKEN = "8923551485:AAFw4wG8ZwOtp5rzFsnguxhu4AH-2ebSi0") that is controlled by the package author. When the user invokes the /tg CLI command, the package starts a Telegram bot on the installer's machine that receives messages over api.telegram.org and passes them into execSync(node stella-cli/index.mjs -p "${text}"), invoking a shell-capable AI agent CLI with attacker-supplied input. Because the messaging channel is bound to a token the author retains, the author observes all bot traffic — including the 4-digit admin authorization code exchanged over that same channel — and can replay it to reach the command-execution path on any installer that enables /tg. telegram-bot.mjs additionally sends os.hostname() and os.userInfo().username to the same author-controlled bot. A hardcoded PREMIUM_CODE = "10102013" acts as a universal activation key that unlocks the remote-control feature-set without payment. package.json sets "main": "stella-cli/index.mjs", whose top-level executes main() and starts the interactive CLI on require/import, extending the reach of the /tg surface beyond the bin entry. There are no install lifecycle hooks; the backdoor fires when the user runs the CLI (or a consumer imports the module) and invokes /tg.

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "14c39e61e71e2a0e8cdbd42c8dc974ff425e03b27bc8a062b7c64cd6e09a0382",
            "id": "IN-MAL-2026-009629",
            "import_time": "2026-07-10T16:19:43.048541644Z",
            "modified_time": "2026-07-10T15:59:17Z",
            "versions": [
                "5.0.0"
            ],
            "source": "amazon-inspector"
        },
        {
            "sha256": "9dbd590476f6ed75799dfbea98c4f3e1d30f09d02fce6081afed3f95411ea07b",
            "id": "IN-MAL-2026-009628",
            "import_time": "2026-07-10T16:19:42.915036906Z",
            "modified_time": "2026-07-10T15:59:07Z",
            "versions": [
                "5.1.0"
            ],
            "source": "amazon-inspector"
        },
        {
            "sha256": "e7c1d21730856f349a9a7ae0af9ac0a96b018eaecb8e09356769087238da7449",
            "id": "IN-MAL-2026-009631",
            "modified_time": "2026-07-10T15:59:33Z",
            "versions": [
                "5.1.1"
            ],
            "import_time": "2026-07-10T16:19:43.294718076Z",
            "source": "amazon-inspector"
        },
        {
            "sha256": "f0c3ed879ef15a68d537ad7b6ddb59508aba58eee49c8ca19b916ef59a0c2da6",
            "id": "IN-MAL-2026-009630",
            "import_time": "2026-07-10T16:19:43.171866894Z",
            "versions": [
                "4.0.0"
            ],
            "modified_time": "2026-07-10T15:59:24Z",
            "source": "amazon-inspector"
        },
        {
            "versions": [
                "5.0.1"
            ],
            "id": "IN-MAL-2026-009632",
            "import_time": "2026-07-10T16:19:43.392758621Z",
            "modified_time": "2026-07-10T15:59:42Z",
            "sha256": "735f977af77fc57d1a4bf8e68e001c9c72445b0440fb4de0703a64c6702ed7eb",
            "source": "amazon-inspector"
        },
        {
            "sha256": "79b07b496c037e1933c66f3f9f84a8cfcc92e9b647b78735f6f30e9d3763cee4",
            "id": "IN-MAL-2026-009634",
            "import_time": "2026-07-10T16:19:43.678138713Z",
            "modified_time": "2026-07-10T15:59:59Z",
            "versions": [
                "5.1.2"
            ],
            "source": "amazon-inspector"
        }
    ]
}
References
Credits

Affected packages

npm / stella-coder

Package

Affected ranges

Affected versions

4.*
4.0.0
5.*
5.0.0
5.0.1
5.1.0
5.1.1
5.1.2

Database specific

indicators
{
    "evidence_files": [
        {
            "tlsh": "eed2f7a130ba56244242bda6d53a3d053635c26ffe293d90787d47e42f3d86cceb9788",
            "sha256": "79d66206b49c7780e4441c039ae69d9bd83ed9cbd9bb486d6b34105e0e498d5b",
            "path": "stella-cli/telegram-bot.mjs"
        }
    ],
    "package_integrity": [
        {
            "filename": "stella-coder-5.0.0.tgz",
            "hashes": {
                "sha512_sri": "sha512-uO8NgQrlBI+mRyRPRWWyBsGSfEtrHcN8z5RmIkX6jFOuWJHsxLaGtnXiYBNIwf96/ZbHbhFUsv8HSlc/eRT/1w==",
                "sha1": "27497851e98fa52451ec4b3160487d1715cf9169"
            }
        }
    ]
}
cwes
[
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/stella-coder/MAL-2026-10134.json"