MAL-2026-2386

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/react-native-forter/MAL-2026-2386.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2026-2386

Published

2026-03-24T15:57:26Z

Modified

2026-04-07T14:55:25.256430Z

Summary

Malicious code in react-native-forter (npm)

Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (ff4ae821a2636c10a3e19afaaf78823613bcedf143d91c79cbdec29f20b00654)

The package react-native-forter was found to contain malicious code.

Database specific

{
    "malicious-packages-origins": [
        {
            "source": "reversing-labs",
            "id": "RLMA-2026-01811",
            "versions": [
                "1.0.0"
            ],
            "import_time": "2026-04-01T12:26:10.829780495Z",
            "modified_time": "2026-03-24T15:57:26Z",
            "sha256": "0e4728aff5f5caa8a8151a09f286f487edfa2ceb57a527671e3c15d13bda129c"
        },
        {
            "source": "amazon-inspector",
            "versions": [
                "1.0.0"
            ],
            "import_time": "2026-04-07T14:39:12.251750175Z",
            "modified_time": "2026-04-07T14:24:50Z",
            "sha256": "ff4ae821a2636c10a3e19afaaf78823613bcedf143d91c79cbdec29f20b00654"
        }
    ]
}

References

Credits

- Amazon Inspector - FINDER
- - actran@amazon.com
- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

npm / react-native-forter

Package

Name: react-native-forter; View open source insights on deps.dev
Purl: pkg:npm/react-native-forter

Affected ranges

Affected versions

1.*

1.0.0

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/react-native-forter/MAL-2026-2386.json"