MAL-2026-3811
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/claude-code-base-action/MAL-2026-3811.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2026-3811
- Published
- 2026-05-17T15:19:44Z
- Modified
- 2026-05-19T18:02:20.507250263Z
- Summary
- Malicious code in claude-code-base-action (npm)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (3000eab5b77e9247ae3dc1125384eaeb03ecdae7ecd17fe30ee6216a6a87c686)
The package claude-code-base-action was found to contain malicious code.
Source: ossf-package-analysis (f08c76c834d5f7c2ce735d4dd85684ec34f3dcc29e1353dc7633fb72ee79aaaf)
The OpenSSF Package Analysis project identified 'claude-code-base-action' @ 2.0.0 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
- Database specific
{ "malicious-packages-origins": [ { "import_time": "2026-05-17T15:26:55.54141334Z", "versions": [ "2.0.0" ], "source": "ossf-package-analysis", "modified_time": "2026-05-17T15:19:44Z", "sha256": "f08c76c834d5f7c2ce735d4dd85684ec34f3dcc29e1353dc7633fb72ee79aaaf" }, { "import_time": "2026-05-17T15:50:45.342577666Z", "versions": [ "2.2.2" ], "source": "ossf-package-analysis", "sha256": "3c9e36883f6e538eda86eb64854165d767b96458a12405a7ccd967c8015f6269", "modified_time": "2026-05-17T15:41:36Z" }, { "import_time": "2026-05-19T17:50:33.981476006Z", "versions": [ "2.0.0", "2.2.2" ], "source": "amazon-inspector", "modified_time": "2026-05-19T16:47:48Z", "sha256": "3000eab5b77e9247ae3dc1125384eaeb03ecdae7ecd17fe30ee6216a6a87c686" } ] }- References
-
- Credits
-
-
- Amazon Inspector - FINDER
-
- OpenSSF: Package Analysis - FINDER
-
Affected packages
npm / claude-code-base-action
Package
- Name
- claude-code-base-action
- View open source insights on deps.dev
- Purl
- pkg:npm/claude-code-base-action