MAL-2026-4511

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-as-patch/MAL-2026-4511.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-4511
Published
2026-05-25T09:08:31Z
Modified
2026-05-26T06:02:19.439674084Z
Summary
Malicious code in chai-as-patch (npm)
Details

Source: amazon-inspector (c0f6b316992ec48b2d29d234f9debebcf239653a2371d54ab9f6e487c4fdba7b)

This package is a typosquat of chai-as-promised that delivers remote code execution to any installer that requires it and invokes the exported middleware. index.js spawns a detached, stdio-ignored child process running lib/caller.js. caller.js fetches https://jsonkeeper.com/b/XRGF3 (a free anonymous JSON paste host) via axios, extracts the .cookie field from the response, and passes it into new Function.constructor('require', s), then invokes the resulting function with the real require — giving the paste host's controller arbitrary code execution in the consumer's Node process. The C2 URL is base64-encoded and hidden inside a fake process.env-shaped object (DEV_API_KEY: "aHR0cHM6Ly9qc29ua2VlcGVyLmNvbS9iL1hSR0Yz"); a second encoded paste ID (4NAKK) is stored in lib/const.js. The package metadata further obfuscates intent: name mimics chai-as-promised, description claims to be a vulnerability manager, keywords are pino-related, and the bug tracker points at an unrelated domain. The detached+unref'd subprocess pattern is intended to hide the loader from the calling process. Multiple independent block signals are present: anonymous-host remote-code fetch with no integrity check, dynamic Function-constructor execution of attacker-controlled bytes, base64-concealed C2, hidden detached subprocess delivery, and typosquat naming.

Database specific
{
    "malicious-packages-origins": [
        {
            "import_time": "2026-05-26T05:52:56.92619071Z",
            "versions": [
                "1.1.9"
            ],
            "sha256": "c0f6b316992ec48b2d29d234f9debebcf239653a2371d54ab9f6e487c4fdba7b",
            "id": "IN-MAL-2026-004613",
            "source": "amazon-inspector",
            "modified_time": "2026-05-25T09:08:31Z"
        }
    ]
}
References
Credits

Affected packages

Package            npm / chai-as-patch
Affected ranges    1.*
Affected versions  1.1.9

Database specific

indicators
{
    "evidence_files": [
        {
            "sha256": "d81e48769a830cd3384a4b8977ade12e5ab7583eb7cca84e7ab966d15871bd71",
            "tlsh": "f8017b8a30fa605c015510f64b1fa4327011e4273c49e5c5378c87524fea9ae6963aed",
            "path": "lib/caller.js"
        },
        {
            "sha256": "2956b023858d706a5e241cd28b845088e5f414c5f70bd5d8cb73cb427d081065",
            "tlsh": "5d213c81b9f11188065cd9c8b569e53a38e3c4377207b9b0e9ec87862bcf2080272ad7",
            "path": "index.js"
        },
        {
            "sha256": "8c067e52f0deb7378aab0190d83a71f27fbec486e98e6cb944ebe0f0b9e70224",
            "tlsh": "c9016461deb88e2300ed25824c2a0743aa619c079828fc2932da512d4f9e9bf01be21d",
            "path": "package.json"
        }
    ],
    "package_integrity": [
        {
            "hashes": {
                "sha512_sri": "sha512-ZrLnNpf7F3WtxonhoAlIEDnODMOWJITYa9HqIw/kkh9HZyIq/vBCUEY8ZD+QNKKWD8U5lnhamLXUG1dv+VSBJA==",
                "sha1": "55629bb7321892427bb8a0e14c14151fff645e43"
            },
            "filename": "chai-as-patch-1.1.9.tgz"
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-as-patch/MAL-2026-4511.json"
cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    }
]