MAL-2026-5901

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-as-polished/MAL-2026-5901.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-5901
Published
2026-06-16T16:22:51Z
Modified
2026-06-16T18:16:52.515259308Z
Summary
Malicious code in chai-as-polished (npm)
Details
Source: amazon-inspector (b2ea0d46e0bb4382e8d684d025cb72b7f99e37874c571e9946ae1268b70be6cf)

Package name is a one-edit typosquat of the widely-used chai-as-promised, but the shipped code is unrelated to chai. The exported middleware spawns a detached, unref'd child process running lib/initializeCaller.js. That file constructs a fake process.env containing three base64-encoded fields which decode to the URL https://tomato-brunhilda-40.tiiny.site/index.json and the header x-secret-key: _, fetches that URL via axios, and passes response.data.cookie to new Function.constructor('require', response)(require) — executing arbitrary attacker-supplied JavaScript with the installer's Node require available. The base64 staging of the URL and header has no functional purpose other than to hide the destination from cursory review. tiiny.site is an anonymous static-hosting service whose contents the author can change at any time, so the executed payload is fully attacker-controlled and mutable. Triggering requires a consumer to invoke the package's middleware, which is the documented entry point for anyone deceived by the name into installing it.
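As an added defender-side example (not part of this advisory, the OSV record, or the ossf/malicious-packages project), the Node script below applies static heuristics for the three traits the description names: a detached, unref'd child process; base64 literals that decode to a URL or HTTP header line; and `Function.constructor('require', ...)`-style execution. The two sample sources are constructed, the URL is a placeholder, and the strings are only scanned, never executed or fetched.

```javascript
// Added example: static heuristics for the loader traits described in the advisory.
// Sample inputs below are constructed; nothing here contacts the network.

const TRAITS = [
  // A detached child whose handle is dropped, so the installing process exits as normal.
  { id: 'detached-unref-spawn',
    re: /detached\s*:\s*true[\s\S]{0,300}?\.unref\s*\(\s*\)/ },
  // Dynamic code construction that is handed the caller's require().
  { id: 'function-constructor-require',
    re: /Function(?:\.constructor)?\s*\(\s*['"]require['"]/ },
];

// Decode every quoted base64-looking literal and keep those that turn out to be
// URLs or "name: value" header lines, the staging trick the advisory describes.
function decodeStagedIndicators(src) {
  const found = [];
  for (const m of src.matchAll(/['"]([A-Za-z0-9+\/]{12,}={0,2})['"]/g)) {
    const text = Buffer.from(m[1], 'base64').toString('utf8');
    if (/^https?:\/\/\S+$/.test(text) || /^[A-Za-z][\w-]*:\s*\S+$/.test(text)) {
      found.push(text);
    }
  }
  return found;
}

// Returns the trait ids that fired plus any decoded indicators, for triage.
function scanSource(src) {
  const findings = TRAITS.filter((t) => t.re.test(src)).map((t) => t.id);
  const staged = decodeStagedIndicators(src);
  if (staged.length > 0) findings.push('base64-staged-indicator');
  return { findings, staged };
}

// Constructed sample resembling the described loader shape (placeholder URL).
const b64 = (s) => Buffer.from(s).toString('base64');
const SUSPICIOUS_SAMPLE = `
const env = { A: '${b64('https://example.invalid/index.json')}', B: '${b64('x-secret-key: _')}' };
const child = spawn(process.execPath, ['lib/loader.js'], { detached: true, stdio: 'ignore' });
child.unref();
new Function.constructor('require', body)(require);
`;
// Constructed benign sample: an ordinary worker spawn with no staging or dynamic eval.
const BENIGN_SAMPLE = `const child = spawn('node', ['worker.js']); console.log('started');`;

console.log(scanSource(SUSPICIOUS_SAMPLE));
console.log(scanSource(BENIGN_SAMPLE));
```

Any single trait can occur in legitimate code (detached workers are common), so treat the findings as triage signals to inspect the file, not as a verdict on their own.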

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "b2ea0d46e0bb4382e8d684d025cb72b7f99e37874c571e9946ae1268b70be6cf",
            "import_time": "2026-06-16T18:10:20.669977583Z",
            "source": "amazon-inspector",
            "modified_time": "2026-06-16T16:22:51Z",
            "versions": [
                "7.0.8"
            ],
            "id": "IN-MAL-2026-006794"
        }
    ]
}
References
Credits

Affected packages

Package: npm / chai-as-polished
Affected ranges: 7.*
Affected versions: 7.0.8

Database specific

indicators
{
    "package_integrity": [
        {
            "filename": "chai-as-polished-7.0.8.tgz",
            "hashes": {
                "sha512_sri": "sha512-Qjbu4tcTETc5se5DrWODkJdEVtHTaTxI2wa1a2v1qbz4muEPr/eQZSlB6dzF67Vyuq7LE/wfUpfsri4T47pQBA==",
                "sha1": "d56581217834ef8c89d84c63605e59a2422c3d62"
            }
        }
    ],
    "evidence_files": [
        {
            "sha256": "23436f977c9bbe6d302f0f94e191b3dfd938e5a0417ec098d38b60b0ed0cb14f",
            "tlsh": "9511c08e61fc200c046512e6b62f18126021e8673d86d5e47acc835b1f9567f7d936df",
            "path": "lib/initializeCaller.js"
        },
        {
            "sha256": "37bf7c72ae1ea7e2d08b83932ee3297feb0f58a86143c678041379b82376b0f9",
            "tlsh": "d3019c20de788e2300ed25824c2a064376619c175928fc1932d7522c0f9d5ff01bf21d",
            "path": "package.json"
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-as-polished/MAL-2026-5901.json"
cwes
[
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    }
]