MAL-2026-1872
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/user_migration/MAL-2026-1872.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2026-1872
- Published
- 2026-03-18T13:14:28Z
- Modified
- 2026-03-23T05:47:13.379537Z
- Summary
- Malicious code in user_migration (npm)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (6a952d55363362a942ec86eee421ffd30f1de7fbc2e9575ea1a37eaae9a73603)
The package user_migration was found to contain malicious code.
- Database specific
{ "malicious-packages-origins": [ { "sha256": "7f93e2496734194de8ff6fc8257c074331b1aee97c6eb7d33459d8815a1364ef", "import_time": "2026-03-19T12:19:14.97138142Z", "modified_time": "2026-03-18T13:14:28Z", "versions": [ "9.99.9" ], "id": "RLMA-2026-01636", "source": "reversing-labs" }, { "sha256": "6a952d55363362a942ec86eee421ffd30f1de7fbc2e9575ea1a37eaae9a73603", "import_time": "2026-03-23T05:14:38.668269428Z", "modified_time": "2026-03-23T05:11:41Z", "versions": [ "9.99.9" ], "source": "amazon-inspector" } ] }- References
-
- Credits
-
-
- Amazon Inspector - FINDER
-
- ReversingLabs - FINDER
-
Affected packages
npm / user_migration
Package
- Name
- user_migration
- View open source insights on deps.dev
- Purl
- pkg:npm/user_migration