MAL-2026-1641

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@uc-platform/user-service-client-ts/MAL-2026-1641.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-1641
Published
2026-03-18T12:34:57Z
Modified
2026-03-23T05:39:19.238688Z
Summary
Malicious code in @uc-platform/user-service-client-ts (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (e3b540186390d5c469d9b5de607c8d6b64fc0315e70c245ec70c16f1732058cc)

The package @uc-platform/user-service-client-ts was found to contain malicious code.

Database specific 
{
    "malicious-packages-origins": [
        {
            "sha256": "c9a9407aa3a96c539f7d6da814074e858048cf441d4cbfbb7d2b32804ecf13ab",
            "import_time": "2026-03-19T12:18:29.942848953Z",
            "modified_time": "2026-03-18T12:34:57Z",
            "versions": [
                "99.99.9"
            ],
            "id": "RLMA-2026-01072",
            "source": "reversing-labs"
        },
        {
            "sha256": "e3b540186390d5c469d9b5de607c8d6b64fc0315e70c245ec70c16f1732058cc",
            "import_time": "2026-03-23T05:14:10.908528632Z",
            "modified_time": "2026-03-23T05:11:41Z",
            "versions": [
                "99.99.9"
            ],
            "source": "amazon-inspector"
        }
    ]
}
References
Credits

Affected packages

npm / @uc-platform/user-service-client-ts

Package

Name
@uc-platform/user-service-client-ts
View open source insights on deps.dev
Purl
pkg:npm/%40uc-platform/user-service-client-ts

Affected ranges

Affected versions

99.*
99.99.9

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@uc-platform/user-service-client-ts/MAL-2026-1641.json"