MAL-2026-4729

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/whiteboard-agent/MAL-2026-4729.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2026-4729

Published

2026-05-19T18:13:33Z

Modified

2026-05-26T06:03:06.203842090Z

Summary

Malicious code in whiteboard-agent (npm)

Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (ae14bab8e5a11636f7a395fccf88119f5294c3639c8f71b6b2e3f199282bb584)

On npm install, scripts/postinstall.js fetches a companion-<platform>-<arch> binary from github.com/palmthree-studio/whiteboard-agent/releases/download/nightly/... — a mutable release tag (not pinned to package version 1.4.24) with no SHA/signature verification — chmods it 0755, and in non-TTY installs (CI, agent, scripted environments) spawns it detached. The same non-TTY path generates an admin account with a random 16-hex password, starts the companion HTTP server on 127.0.0.1:3001 with COMPANION_LOCALHOST_BYPASS=1, then spawns cloudflared tunnel --url http://localhost:3001, publishing the local server to a public *.trycloudflare.com URL. The combination is install-time-triggered remote ingress: anyone who learns or guesses the tunnel URL can reach the companion API on the installer's host without authentication beyond the random credential, which is itself generated and stored locally without user notification. README documents wendy start performing tunnel exposure interactively, but does not warn that npm install itself does this silently in non-interactive environments — the typical CI / build-agent / container scenario. Independently, the nightly mutable-tag binary fetch means every install (and reinstall/update) pulls whatever bytes are at that tag at that moment; a stolen publish credential or a future malicious push compromises every installation without any version bump.

Database specific

{
    "malicious-packages-origins": [
        {
            "import_time": "2026-05-26T05:50:15.949237568Z",
            "versions": [
                "1.4.23"
            ],
            "sha256": "1439bfcea8e17e7548b566977c8ff1c319abaaaf97ac845ef8ec253c9ed1299f",
            "source": "amazon-inspector",
            "modified_time": "2026-05-19T18:13:33Z",
            "id": "IN-MAL-2026-003236"
        },
        {
            "import_time": "2026-05-26T05:50:17.033164804Z",
            "versions": [
                "1.4.24"
            ],
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-003246",
            "modified_time": "2026-05-19T18:53:21Z",
            "sha256": "ae14bab8e5a11636f7a395fccf88119f5294c3639c8f71b6b2e3f199282bb584"
        },
        {
            "import_time": "2026-05-26T05:50:17.327915419Z",
            "versions": [
                "1.4.24"
            ],
            "sha256": "1f81bb09fa354423bc8eb9b247ae087f1e52ed976b6a027ef8219bc758292bce",
            "source": "amazon-inspector",
            "modified_time": "2026-05-19T18:53:22Z",
            "id": "IN-MAL-2026-003247"
        },
        {
            "import_time": "2026-05-26T05:50:15.842348868Z",
            "versions": [
                "1.4.23"
            ],
            "id": "IN-MAL-2026-003235",
            "sha256": "31b31b26999860c740d57ded85fededdb4d999069d2df83ee6e60809b56bb57e",
            "modified_time": "2026-05-19T18:13:33Z",
            "source": "amazon-inspector"
        }
    ]
}

References

Credits

- Amazon Inspector - FINDER
- - actran@amazon.com

Affected packages

npm / whiteboard-agent

Package

Name: whiteboard-agent; View open source insights on deps.dev
Purl: pkg:npm/whiteboard-agent

Affected ranges

Affected versions

1.*

1.4.23

1.4.24

Database specific

indicators

{
    "domains": [
        "github.com",
        "release-assets.githubusercontent.com"
    ],
    "evidence_files": [
        {
            "tlsh": "9032b54b64ea26350be26d6adb0fc0627d56c203121ecd64bc9e934c9f91834d252aff",
            "sha256": "34ae9c5bdfd0edbb15f91ac02dfda2e7a8612afcfd1ff0db650e9671c3af1c03",
            "path": "scripts/postinstall.js"
        }
    ],
    "package_integrity": [
        {
            "hashes": {
                "sha512_sri": "sha512-jp488FXiEw2iQ1UMXBk5hfydW/Cwx+otIZ8gb363U/eF8DNVEQrGThm9BjurEzlwrto83W9IwWW9KTXKryvmeQ==",
                "sha1": "06d40bd6e3335f98f9d737ec96919df0593030ec"
            },
            "filename": "whiteboard-agent-1.4.24.tgz"
        }
    ]
}

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/whiteboard-agent/MAL-2026-4729.json"

cwes

[
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    }
]