MAL-2026-2758

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/estaspnet/MAL-2026-2758.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-2758
Published
2026-04-16T09:55:13Z
Modified
2026-04-23T21:15:37.385270Z
Summary
Malicious code in estaspnet (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (2c5d06cbbad43dc5b62ae0a9cd37980a791be8e0ba957a9a4f9f41285000732e)

The package estaspnet was found to contain malicious code.

Database specific 
{
    "malicious-packages-origins": [
        {
            "id": "RLMA-2026-01942",
            "sha256": "f016a21141d6e26c63284ba9d307533df3a231ddea86c86ecadee629ff24bf6d",
            "import_time": "2026-04-16T15:39:01.26019896Z",
            "source": "reversing-labs",
            "modified_time": "2026-04-16T09:55:13Z",
            "versions": [
                "1.0.0"
            ]
        },
        {
            "import_time": "2026-04-23T20:49:09.578593849Z",
            "sha256": "2c5d06cbbad43dc5b62ae0a9cd37980a791be8e0ba957a9a4f9f41285000732e",
            "source": "amazon-inspector",
            "modified_time": "2026-04-23T20:43:56Z",
            "versions": [
                "1.0.0"
            ]
        }
    ]
}
References
Credits

Affected packages

npm / estaspnet

Package

Name
estaspnet
View open source insights on deps.dev
Purl
pkg:npm/estaspnet

Affected ranges

Affected versions

1.*
1.0.0

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/estaspnet/MAL-2026-2758.json"