MAL-2026-4459

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/@touchvue/chat/MAL-2026-4459.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-4459
Withdrawn
2026-05-26T21:14:22Z
Published
2026-05-20T04:42:40Z
Modified
2026-05-27T00:31:51.678627669Z
Summary
Malicious code in @touchvue/chat (npm)
Details

Source: amazon-inspector (0921a05dced95d8d0bb5d99de362f67e4e67832874fb0b4391629f5dfe6e926d)

The published tarball's chat components (AiChat/Chat/useSSE.js and AiChat/ChatInput.vue2.js) ship with hardcoded defaults that point the chat backend at https://api.apiyi.com/v1/chat/completions (a third-party OpenAI-compatible proxy aggregator) using an Authorization: Bearer sk-fe9MtO... header that is also hardcoded in the source. The package is advertised as a Vue 3 AI chat component library, and the README does not disclose this default destination or that an author-supplied key is being used. Any developer who drops the components into an application without overriding moduleInfo.config.action and the headers() function will cause their downstream end users' chat prompts to be transmitted to api.apiyi.com under the author's account. This is the silent-relay shape: a hardcoded third-party destination chosen by the author, embedded in the package's advertised public API, that exfiltrates caller-supplied data on normal use. The shipped bearer token additionally enables anyone who installs the package to consume the author's apiyi.com quota (author self-harm), but the installer-side concern is the silent relay of user prompt data. A separate hardcoded RFC1918 endpoint and auth token in TouchAgent.vue2.js (http://10.19.93.128:30015/..., authToken: c09f1251-...) is unreachable from installers and is a quality/info-leak issue rather than an active threat.

Database specific
{
    "malicious-packages-origins": [
        {
            "source": "amazon-inspector",
            "sha256": "0921a05dced95d8d0bb5d99de362f67e4e67832874fb0b4391629f5dfe6e926d",
            "modified_time": "2026-05-20T04:49:21Z",
            "versions": [
                "1.0.0-beta.53"
            ],
            "id": "IN-MAL-2026-003465",
            "import_time": "2026-05-26T05:50:41.648809899Z"
        },
        {
            "source": "amazon-inspector",
            "sha256": "87029aac9f5994c46ba71ee04c28e012520976e8e660201fb36bb4e17f0355ee",
            "modified_time": "2026-05-20T04:42:40Z",
            "versions": [
                "1.0.0-beta.54"
            ],
            "id": "IN-MAL-2026-003463",
            "import_time": "2026-05-26T05:50:41.442589616Z"
        },
        {
            "sha256": "9794fd6b274d02791c15e0dcfa559a1432db9ee2cb73f0b4670bf06cf81f5f82",
            "source": "amazon-inspector",
            "modified_time": "2026-05-20T05:00:22Z",
            "import_time": "2026-05-26T05:50:41.866590153Z",
            "versions": [
                "1.0.0-beta.52"
            ],
            "id": "IN-MAL-2026-003467"
        }
    ]
}
References
Credits

Affected packages

npm / @touchvue/chat

Package

Name
@touchvue/chat
Purl
pkg:npm/%40touchvue%2Fchat

Affected ranges

Affected versions

1.*
1.0.0-beta.52
1.0.0-beta.53
1.0.0-beta.54

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/@touchvue/chat/MAL-2026-4459.json"
indicators
{
    "package_integrity": [
        {
            "filename": "chat-1.0.0-beta.53.tgz",
            "hashes": {
                "sha1": "5e8821bc7d2b40e47a84b335e5ba6db263eaa140",
                "sha512_sri": "sha512-+0UYiN/0FFydenVAIxL2flc2yncdLCwTXJdjNFWyz41vM1XWZ+HF+CkuF2MmbRLXuJNPM19FanDySnql42Uo/w=="
            }
        }
    ],
    "evidence_files": [
        {
            "sha256": "891e21596077d325719c06cd4635d0518298ccc9d07b6f9256f5258e946e821d",
            "tlsh": "d092459998fe09158325f078fa5b381daa215903364ceb54f58c80a93fcc6f492fa7f5",
            "path": "lib/packages/components/touchchat/src/AiChat/Chat/useSSE.js"
        },
        {
            "path": "lib/packages/components/touchchat/src/AiChat/ChatInput.vue2.js",
            "tlsh": "5d92a519ecb210120d77327e4f5ba005a560621b0644ede0bf4c96996f4ee6ca6fb3de",
            "sha256": "80d9a654c48397bb1e229033b54eb61f0ab3d8ebc2b5469d3556d12faa367089"
        },
        {
            "path": "lib/packages/components/touchchat/src/AiChat/TouchAgent.vue2.js",
            "tlsh": "e003a718a8b314284777716ebf5b7409252152032588fda47f4cd2a92fcd6f492fabec",
            "sha256": "9559d48108b87a5f8401cb1032dfeda68937c97eb2090faef2eeacbe646a3655"
        }
    ]
}
cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    }
]