MAL-2026-4533

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/codebuff-cli/MAL-2026-4533.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-4533
Published
2026-05-22T11:16:55Z
Modified
2026-05-26T06:02:24.538369178Z
Summary
Malicious code in codebuff-cli (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (bdf777f03e4dc44a9956401136a42f099638025ef7d2197dec630525ad26727d)

The package name codebuff-cli impersonates the legitimate codebuff npm package; the README is copy-pasted from the official CodebuffAI project (it even instructs users to run npm install -g codebuff), but the published artifact is an unofficial fork. Three concrete installer-side harms are present:

  1. Silent relay of user data to a non-publisher backend. The README and the bundled binary configure the default backend as https://fireworks-api-backend.vercel.app (a personal Vercel deployment) instead of codebuff.com. Because this CLI is an AI coding agent, running it with default settings transmits the user's source code, prompts, and command history to that endpoint.
  2. TLS verification globally disabled. cli/bin/codebuff.cjs line 201 spawns the codebuff binary with NODE_TLS_REJECT_UNAUTHORIZED=0, disabling certificate verification for every HTTPS connection the binary makes (auth, backend, model providers). Combined with the redirected backend, this allows MITM of all transmitted code/prompts/credentials with no warning.
  3. Unverified binary fetch from a mutable personal-account release. If the bundled binary is missing, cli/bin/codebuff.cjs queries https://api.github.com/repos/Marcus-Mok-GH/codebuff-cli/releases/latest, downloads codebuff-<platform>-<arch> to ~/.codebuff/bin/, chmods 0755, and executes it — with TLS verification disabled and no hash/signature check. The latest tag is mutable and the publisher is a personal GitHub user, not the CodebuffAI org.

Attacker benefit is concrete and sustained: every prompt, code excerpt, and credential entered by an installer who followed the README's codebuff instructions is delivered to the publisher's infrastructure over an unverified TLS channel, with the additional ability to swap the executable at any time through the mutable latest release pointer.

Database specific
Affected packages

Package: npm / codebuff-cli

Affected ranges: 1.*

Affected versions: 1.0.11, 1.0.12, 1.0.14, 1.0.15, 1.0.17, 1.0.18, 1.0.19, 1.0.20, 1.0.21, 1.0.22, 1.0.23, 1.0.24, 1.0.26, 1.0.27, 1.0.28, 1.1.0, 1.1.1, 1.1.2, 1.1.4, 1.1.5, 1.1.6, 1.1.7, 1.1.8

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/codebuff-cli/MAL-2026-4533.json"
indicators
{
    "package_integrity": [
        {
            "filename": "codebuff-cli-1.1.1.tgz",
            "hashes": {
                "sha1": "e09e744a8d0f7cfa629806bce4d5940f5f10c3cd",
                "sha512_sri": "sha512-lAN64ZUmvd9EC++oxh7RASWWInJncekFreFVgba9FNG9rc1sxSukGIwNH6TjWRE11i65X4CH/+pC9KR4MI+xtw=="
            }
        }
    ],
    "evidence_files": [
        {
            "path": "package.json",
            "tlsh": "4d51eb51cd98cd3317905517b0369a23104a1a0f1e95fc8c3ba2a33e4f6c2af20b6a7f",
            "sha256": "f6113c9c4be6a0a5e268c4802f3c0ef5f2c08eb082c6cec5b32f204bdeda8098"
        },
        {
            "path": "cli/bin/codebuff.cjs",
            "tlsh": "9e02848d6af391340ab3929e4b4ba029b5379503320ddf58f6ec83542f8262cc5e57de",
            "sha256": "4f2c25b75c2d9b91de8ea02c9330bbc4ab751b914c4e743965161d711a4bad95"
        }
    ]
}
cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    }
]