MAL-2026-1880

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/zero-develop-component-library/MAL-2026-1880.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-1880
Published
2026-03-18T13:17:24Z
Modified
2026-03-23T05:35:27.085527Z
Summary
Malicious code in zero-develop-component-library (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (b25ede928413a72b6cfc25c807bc6f5902bd1b9d00f1d3d83624e237da613fb1)

The package zero-develop-component-library was found to contain malicious code.

Database specific 
{
    "malicious-packages-origins": [
        {
            "id": "RLMA-2026-01671",
            "import_time": "2026-03-19T12:19:17.611457482Z",
            "sha256": "fb5276c34ca4f94e2bd07e6b813068a6c0b9e379439d246159f5246cb98a2c7e",
            "source": "reversing-labs",
            "modified_time": "2026-03-18T13:17:24Z",
            "versions": [
                "99.99.2"
            ]
        },
        {
            "import_time": "2026-03-23T05:14:20.552660907Z",
            "sha256": "b25ede928413a72b6cfc25c807bc6f5902bd1b9d00f1d3d83624e237da613fb1",
            "source": "amazon-inspector",
            "modified_time": "2026-03-23T05:11:41Z",
            "versions": [
                "99.99.2"
            ]
        }
    ]
}
References
Credits

Affected packages

npm / zero-develop-component-library

Package

Name
zero-develop-component-library
View open source insights on deps.dev
Purl
pkg:npm/zero-develop-component-library

Affected ranges

Affected versions

99.*
99.99.2

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/zero-develop-component-library/MAL-2026-1880.json"