MAL-2026-1725
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/env-workflow-test/MAL-2026-1725.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2026-1725
- Published
- 2026-03-18T12:48:56Z
- Modified
- 2026-03-23T05:42:08.069874Z
- Summary
- Malicious code in env-workflow-test (npm)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (6c69ec15e609dd6c0e6dacd007a2467cc5e24a118f60cca22ec48c3b8225c4df)
The package env-workflow-test was found to contain malicious code.
- Database specific
{ "malicious-packages-origins": [ { "modified_time": "2026-03-18T12:48:56Z", "import_time": "2026-03-19T12:18:49.080564068Z", "versions": [ "2.1.4", "2.1.5", "2.1.6", "2.1.7", "2.1.8", "2.1.9", "2.1.10", "2.1.12", "2.1.13", "2.1.14", "2.1.15", "2.1.16", "2.1.17", "2.1.18", "2.1.19", "2.1.20", "2.1.21", "2.1.22", "2.1.23" ], "sha256": "7e1e87193ac77c5f02695ec769b333d7ce96e67d9deb9e37e78723c898f362d9", "source": "reversing-labs", "id": "RLMA-2026-01286" }, { "import_time": "2026-03-23T05:14:36.973677318Z", "versions": [ "2.1.4", "2.1.5", "2.1.6", "2.1.7", "2.1.8", "2.1.9", "2.1.10", "2.1.12", "2.1.13", "2.1.14", "2.1.15", "2.1.16", "2.1.17", "2.1.18", "2.1.19", "2.1.20", "2.1.21", "2.1.22", "2.1.23" ], "sha256": "6c69ec15e609dd6c0e6dacd007a2467cc5e24a118f60cca22ec48c3b8225c4df", "source": "amazon-inspector", "modified_time": "2026-03-23T05:11:41Z" } ] }- References
- Credits
-
-
- Amazon Inspector - FINDER
-
- ReversingLabs - FINDER
-
Affected packages
npm / env-workflow-test
Package
- Name
- env-workflow-test
- View open source insights on deps.dev
- Purl
- pkg:npm/env-workflow-test