MAL-2026-2708
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@3stripes/toolkit/MAL-2026-2708.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2026-2708
- Published
- 2026-04-16T09:28:30Z
- Modified
- 2026-04-23T21:10:37.901441Z
- Summary
- Malicious code in @3stripes/toolkit (npm)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (4529c8ef3e0953799338bc7e0cc7d6ce4f1d8797b3e0984d362ebd26df6bec1c)
The package @3stripes/toolkit was found to contain malicious code.
- Database specific
{ "malicious-packages-origins": [ { "sha256": "3e688987c305e8fd68079e8f717275d092f2266c4e8c7bc81fdaa0c8a20726d0", "id": "RLMA-2026-01846", "source": "reversing-labs", "modified_time": "2026-04-16T09:28:30Z", "versions": [ "999.0.0", "999.0.2", "999.0.3" ], "import_time": "2026-04-16T15:38:46.544574456Z" }, { "sha256": "4529c8ef3e0953799338bc7e0cc7d6ce4f1d8797b3e0984d362ebd26df6bec1c", "import_time": "2026-04-23T20:49:16.142126516Z", "source": "amazon-inspector", "modified_time": "2026-04-23T20:43:56Z", "versions": [ "999.0.0", "999.0.2", "999.0.3" ] } ] }- References
-
- Credits
-
-
- Amazon Inspector - FINDER
-
- ReversingLabs - FINDER
-
Affected packages
npm / @3stripes/toolkit
Package
- Name
- @3stripes/toolkit
- View open source insights on deps.dev
- Purl
- pkg:npm/%403stripes/toolkit