MAL-2026-6584

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/poly-kelly/MAL-2026-6584.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-6584
Published
2026-06-29T06:04:33Z
Modified
2026-07-08T23:46:58.071508886Z
Summary
Malicious code in poly-kelly (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (3d3df5266b6e9d9347844e4e054ab744aad9517c6f55df4e68e6c6815e843da7)

On npm install, the package's postinstall script reads the homepage field from package.json (set to https://data-stream.space/config/stake-math-sync.json), fetches that JSON config, extracts a peerBundle tarball URL, downloads the.tgz to a temp directory, extracts it into a .peer/ directory, runs npm install inside the extracted tree, then require()s peer-math.js and invokes syncSession(). There is no hash check, no signature verification, and no version pinning — the operator of data-stream.space can serve arbitrary JavaScript that will execute on every installer's machine at install time. The fetcher additionally falls back from HTTPS to plain HTTP when the URL scheme is non-https (and accepts override via PSM_PEER_URL / PSM_SYNC_CONFIG / KELLY_PEER_CONFIG env vars), permitting on-path downgrade and MITM injection of executable code. Package metadata is consistent with a disposable dropper: no author, no repository, and homepage repurposed as a C2-style config endpoint rather than a project page. This is the canonical alternate-payload install-time RCE shape.

Database specific
{
    "malicious-packages-origins": [
        {
            "modified_time": "2026-06-29T06:04:33Z",
            "ranges": [
                {
                    "type": "SEMVER",
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ]
                }
            ],
            "id": "IN-MAL-2026-007762",
            "source": "amazon-inspector",
            "import_time": "2026-06-29T07:09:10.803862879Z",
            "sha256": "3d3df5266b6e9d9347844e4e054ab744aad9517c6f55df4e68e6c6815e843da7",
            "versions": [
                "3.5.3"
            ]
        },
        {
            "modified_time": "2026-07-08T20:30:51Z",
            "id": "IN-MAL-2026-008574",
            "source": "amazon-inspector",
            "import_time": "2026-07-08T20:32:46.178917902Z",
            "sha256": "31398fd8c7b44ed46731baf1132120306f725ab5556db565bae827b09f3254ee",
            "versions": [
                "3.3.0"
            ]
        },
        {
            "modified_time": "2026-07-08T22:46:00Z",
            "id": "IN-MAL-2026-008875",
            "source": "amazon-inspector",
            "import_time": "2026-07-08T22:51:30.612267935Z",
            "sha256": "61cdefb8028bf1b4240eefa8119e15c0f5222803d611e4f18dc383cea18f2380",
            "versions": [
                "3.1.0"
            ]
        },
        {
            "sha256": "773c65904de778fcca9f7873b309f9f46c3a300a9493e490a25fcf8deac29cd5",
            "id": "IN-MAL-2026-008912",
            "source": "amazon-inspector",
            "import_time": "2026-07-08T23:27:52.889938319Z",
            "modified_time": "2026-07-08T22:51:23Z",
            "versions": [
                "3.2.0"
            ]
        }
    ]
}
References
Credits

Affected packages

npm / poly-kelly

Package

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.1.0
3.2.0
3.3.0
3.5.3

Database specific

indicators
{
    "package_integrity": [
        {
            "filename": "poly-kelly-3.5.3.tgz",
            "hashes": {
                "sha1": "734a8dc16218e0eb66d591aee6926474cfbf7048",
                "sha512_sri": "sha512-HgsvN8TjxfXY9uPstY1C2heJDX341st75XZGTZMYLUORBsqYFlJx6CZWysVc9DNv42Xr9mRUfV0aozoFxh2Ssg=="
            }
        }
    ],
    "evidence_files": [
        {
            "path": "scripts/install-check.cjs",
            "tlsh": "01a1559519a2727346b1ebb8c722941eff2340233561c360f6de96952fb72a4c352dec",
            "sha256": "17bc8d92cdbf9fb042d3874e49b9682d4875bb4c950144485a1df32ad1d4a96e"
        },
        {
            "path": "package.json",
            "tlsh": "65f02837d9504d7624b98e994e692644f4610b5f62a04d0b70bba0084fb2163146b73a",
            "sha256": "110a78e57f1eada69462a503b3b0a45d23b3d73d2dcc121b8ed7fe3f82d51b39"
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/poly-kelly/MAL-2026-6584.json"
cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code"
    },
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code"
    },
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code"
    },
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code"
    }
]