mal-2026-2492
Vulnerability from ossf_malicious_packages
Published
2026-04-05 15:30
Modified
2026-04-08 18:35
Summary
Malicious code in admin0911 (npm)
Details
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (131de816e8ec55ce8cba8760646cd38392aa5d5c64d74ca83d6331ce81dc92c7)
The package admin0911 was found to contain malicious code.
Source: ossf-package-analysis (8516309c67b62cd05a8cec44d5bd7cb5ebceebd331c870e3589ab027bb926bb7)
The OpenSSF Package Analysis project identified 'admin0911' @ 1.0.38 (npm) as malicious.
It is considered malicious because:
-
The package communicates with a domain associated with malicious activity.
-
The package executes one or more commands associated with malicious behavior.
Credits
Amazon Inspector
actran@amazon.com
OpenSSF: Package Analysis
github.com/ossf/package-analysis
openssf.slack.com/channels/package_analysis
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "admin0911"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "SEMVER"
}
],
"versions": [
"1.0.1",
"1.0.0",
"1.0.2",
"1.0.5",
"1.0.4",
"1.0.8",
"1.0.12",
"1.0.11",
"1.0.10",
"1.0.14",
"1.0.13",
"1.0.21",
"1.0.19",
"1.0.23",
"1.0.38",
"1.0.39",
"1.0.37",
"1.0.44",
"1.0.47",
"1.0.48",
"1.0.45",
"1.0.43",
"1.0.51",
"1.0.52",
"1.0.49",
"1.0.55",
"1.0.56",
"1.0.54",
"1.0.62",
"1.0.61",
"1.0.60",
"1.0.64",
"1.0.63",
"1.0.66",
"1.0.74",
"1.0.75",
"1.0.80",
"1.0.78",
"1.0.79",
"1.0.88",
"1.0.85",
"1.0.93",
"1.0.91",
"1.0.95",
"1.0.100",
"1.1.0",
"1.1.2"
]
}
],
"credits": [
{
"contact": [
"actran@amazon.com"
],
"name": "Amazon Inspector",
"type": "FINDER"
},
{
"contact": [
"https://github.com/ossf/package-analysis",
"https://openssf.slack.com/channels/package_analysis"
],
"name": "OpenSSF: Package Analysis",
"type": "FINDER"
}
],
"database_specific": {
"malicious-packages-origins": [
{
"import_time": "2026-04-05T15:44:59.807607857Z",
"modified_time": "2026-04-05T15:43:43Z",
"sha256": "3695d0f7489e83b4ec745cea51d9a057efc6c22f3f7a4b2fb6e640527d8343a4",
"source": "ossf-package-analysis",
"versions": [
"1.0.1"
]
},
{
"import_time": "2026-04-05T15:44:59.662404516Z",
"modified_time": "2026-04-05T15:30:57Z",
"sha256": "5c85e038183d5abde236e2f52464a662b6aed5f6129c6ad6a568ec565c361f89",
"source": "ossf-package-analysis",
"versions": [
"1.0.0"
]
},
{
"import_time": "2026-04-05T15:44:59.753649986Z",
"modified_time": "2026-04-05T15:39:31Z",
"sha256": "e18d7245ffba525783ef5adcf4e1139bbab811212ba167258d6b1c41462a3356",
"source": "ossf-package-analysis",
"versions": [
"1.0.2"
]
},
{
"import_time": "2026-04-05T16:12:37.953107833Z",
"modified_time": "2026-04-05T16:10:09Z",
"sha256": "5400638b8f302ba0dcdf7fe2ef807b7d914e1402f7c26109b3b68e2b46af7ffd",
"source": "ossf-package-analysis",
"versions": [
"1.0.5"
]
},
{
"import_time": "2026-04-05T16:12:37.901744722Z",
"modified_time": "2026-04-05T15:55:48Z",
"sha256": "26fac17d4076abe58d460e1e9ceaedeec2f6ba9e3daaaf1920dd84caa638a32e",
"source": "ossf-package-analysis",
"versions": [
"1.0.4"
]
},
{
"import_time": "2026-04-05T17:12:27.682975085Z",
"modified_time": "2026-04-05T16:55:37Z",
"sha256": "cf656bb5a4d98071f7a8ab56f208cd3700efe87a7325c344eb379d8e87d8e139",
"source": "ossf-package-analysis",
"versions": [
"1.0.8"
]
},
{
"import_time": "2026-04-05T17:45:11.355907433Z",
"modified_time": "2026-04-05T17:34:39Z",
"sha256": "428a4a04a4930c8c8d9b430fb7a3ffcff1dd4cd2cbf63727ccaf9d3c8de48936",
"source": "ossf-package-analysis",
"versions": [
"1.0.12"
]
},
{
"import_time": "2026-04-05T17:45:11.274943083Z",
"modified_time": "2026-04-05T17:32:00Z",
"sha256": "382bdef35e36a5feec0cad981c76915cb8f875d01626bd3395bedb729e9b0486",
"source": "ossf-package-analysis",
"versions": [
"1.0.11"
]
},
{
"import_time": "2026-04-05T18:14:53.614474406Z",
"modified_time": "2026-04-05T17:46:16Z",
"sha256": "e5e4e1fc75301ca7250ef6fced097b98d827424f1df7f2ef4a1dfe0405ec39f0",
"source": "ossf-package-analysis",
"versions": [
"1.0.10"
]
},
{
"import_time": "2026-04-05T18:48:11.019127717Z",
"modified_time": "2026-04-05T18:38:39Z",
"sha256": "09f24ddbbcc8473b6871c3da3e69e669df9b7f643bfac2dd4b582e5962c4eecd",
"source": "ossf-package-analysis",
"versions": [
"1.0.14"
]
},
{
"import_time": "2026-04-05T18:48:10.851779219Z",
"modified_time": "2026-04-05T18:35:52Z",
"sha256": "4faf70dade9278166dd051dda6a1a3c8bf87c810b0d206830f118dedf2ba3448",
"source": "ossf-package-analysis",
"versions": [
"1.0.13"
]
},
{
"import_time": "2026-04-06T16:20:23.93956787Z",
"modified_time": "2026-04-06T16:15:38Z",
"sha256": "cfc467e110572f449912dbc6e27e5cdb26fbe049b8c6dd378f5c4ae7e41b156f",
"source": "ossf-package-analysis",
"versions": [
"1.0.21"
]
},
{
"import_time": "2026-04-06T16:20:23.78682334Z",
"modified_time": "2026-04-06T15:55:45Z",
"sha256": "00544f3a87422e5d3722f08a03550e56980362172bfbe064a478724f4c50e39d",
"source": "ossf-package-analysis",
"versions": [
"1.0.19"
]
},
{
"import_time": "2026-04-06T16:48:17.812333238Z",
"modified_time": "2026-04-06T16:25:44Z",
"sha256": "7ba859281540df54fdbc16e0fb345bcdd8992096d3aba54aa31c6968a71f421c",
"source": "ossf-package-analysis",
"versions": [
"1.0.23"
]
},
{
"import_time": "2026-04-06T19:49:55.614332754Z",
"modified_time": "2026-04-06T19:40:56Z",
"sha256": "8516309c67b62cd05a8cec44d5bd7cb5ebceebd331c870e3589ab027bb926bb7",
"source": "ossf-package-analysis",
"versions": [
"1.0.38"
]
},
{
"import_time": "2026-04-06T20:17:05.724520146Z",
"modified_time": "2026-04-06T19:52:43Z",
"sha256": "0f0a6fce857d51342c57c185f8d059dbad9c04f410521bd2a0c555811b57a82c",
"source": "ossf-package-analysis",
"versions": [
"1.0.39"
]
},
{
"import_time": "2026-04-06T20:17:05.575367119Z",
"modified_time": "2026-04-06T19:52:32Z",
"sha256": "f5929b05d89b9d44dc61f8bb1a60a40fa66f3e6d6fa09ce845562163ffd251d2",
"source": "ossf-package-analysis",
"versions": [
"1.0.37"
]
},
{
"import_time": "2026-04-06T21:15:54.772352014Z",
"modified_time": "2026-04-06T21:11:36Z",
"sha256": "a5026e814264c4520bc542d2cfe990af525e6724c2cc684ebadb95dabd1242a3",
"source": "ossf-package-analysis",
"versions": [
"1.0.44"
]
},
{
"import_time": "2026-04-06T21:46:41.302491648Z",
"modified_time": "2026-04-06T21:26:19Z",
"sha256": "2b03020b2462366f58fbcae62d80fa2e2ac7b312dac3ebf57fd59ab7b0c4a4a7",
"source": "ossf-package-analysis",
"versions": [
"1.0.47"
]
},
{
"import_time": "2026-04-06T21:46:41.343937952Z",
"modified_time": "2026-04-06T21:30:48Z",
"sha256": "7820c18fe358cd7a14d30da3040d1ba0ca02a2189f4fe1f84a98b9636fac5464",
"source": "ossf-package-analysis",
"versions": [
"1.0.48"
]
},
{
"import_time": "2026-04-06T21:46:41.226726765Z",
"modified_time": "2026-04-06T21:16:33Z",
"sha256": "a76584e7e264e71950f5170fe4470e06e8ad48398335fe58a5e5523f1f33abcf",
"source": "ossf-package-analysis",
"versions": [
"1.0.45"
]
},
{
"import_time": "2026-04-06T21:46:41.410027975Z",
"modified_time": "2026-04-06T21:37:38Z",
"sha256": "a9d3d2e1466512fccf2f526bcfc8f57f1aa0bf474431bf633d8f65d1e6c2fad2",
"source": "ossf-package-analysis",
"versions": [
"1.0.43"
]
},
{
"import_time": "2026-04-06T22:13:27.449644414Z",
"modified_time": "2026-04-06T22:07:37Z",
"sha256": "04c5b0bd097bb02ad2646265eed64a5915e7c84af6f44e3c0bf3fceac6ec8e3d",
"source": "ossf-package-analysis",
"versions": [
"1.0.51"
]
},
{
"import_time": "2026-04-06T22:13:27.350071751Z",
"modified_time": "2026-04-06T22:06:41Z",
"sha256": "1961aefe764eaa2339491f5bbba0bce6623f9039f47930540e7a52c93a3162ff",
"source": "ossf-package-analysis",
"versions": [
"1.0.52"
]
},
{
"import_time": "2026-04-06T22:13:27.252861072Z",
"modified_time": "2026-04-06T21:50:52Z",
"sha256": "8c2e9219becf1d5a997b4166889751cf6da7737d9661e25516aa7b9a4afece74",
"source": "ossf-package-analysis",
"versions": [
"1.0.49"
]
},
{
"import_time": "2026-04-06T22:46:57.770537922Z",
"modified_time": "2026-04-06T22:18:24Z",
"sha256": "30b4145d46778b93d12881e8d0d99fc6c0f021ce12a68bde4ba924ad125284db",
"source": "ossf-package-analysis",
"versions": [
"1.0.55"
]
},
{
"import_time": "2026-04-06T22:46:57.843281364Z",
"modified_time": "2026-04-06T22:27:55Z",
"sha256": "c7229e750b5648710bbf20e1aa91f887cc53234fcec80679463d6731781a1885",
"source": "ossf-package-analysis",
"versions": [
"1.0.56"
]
},
{
"import_time": "2026-04-06T22:46:57.705418555Z",
"modified_time": "2026-04-06T22:17:22Z",
"sha256": "f20770c413b0edb94ebd3197340b57096ece2c44821a5546aa6e13dbb57ba09e",
"source": "ossf-package-analysis",
"versions": [
"1.0.54"
]
},
{
"import_time": "2026-04-06T23:15:35.847481468Z",
"modified_time": "2026-04-06T23:07:13Z",
"sha256": "01a2c86b50650bff2c33907d686fe824f4b4afd4b33e95885bb118ac00e5cfb3",
"source": "ossf-package-analysis",
"versions": [
"1.0.62"
]
},
{
"import_time": "2026-04-06T23:15:35.703939527Z",
"modified_time": "2026-04-06T23:06:42Z",
"sha256": "b7d8ba2a640c047ff3933948e8e50322a6ccf3afb05e27acb64137bbeb064584",
"source": "ossf-package-analysis",
"versions": [
"1.0.61"
]
},
{
"import_time": "2026-04-06T23:15:35.518361188Z",
"modified_time": "2026-04-06T23:01:08Z",
"sha256": "d631267d1bceb36cb2e6dad1e41ebb630184de67466e5ceef0fbe6cb4291237f",
"source": "ossf-package-analysis",
"versions": [
"1.0.60"
]
},
{
"import_time": "2026-04-06T23:46:45.445054659Z",
"modified_time": "2026-04-06T23:24:06Z",
"sha256": "0811ed207df49a8b2f03fb524ad90d2a754df67f180eb7f78568ea1bffecb9f9",
"source": "ossf-package-analysis",
"versions": [
"1.0.64"
]
},
{
"import_time": "2026-04-06T23:46:45.354391299Z",
"modified_time": "2026-04-06T23:17:23Z",
"sha256": "f59c404d5fd3cff9daa12f668fa89a19d33b8f4d6a8cab9a3db25695a0a79cfb",
"source": "ossf-package-analysis",
"versions": [
"1.0.63"
]
},
{
"import_time": "2026-04-07T09:30:03.215595652Z",
"modified_time": "2026-04-07T09:10:44Z",
"sha256": "fc2dade7a4c6d70d4a224ca05fa9b464906bcd023bf0a1e7f42e47f1a2f56274",
"source": "ossf-package-analysis",
"versions": [
"1.0.66"
]
},
{
"import_time": "2026-04-07T14:39:18.585439066Z",
"modified_time": "2026-04-07T14:24:50Z",
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "SEMVER"
}
],
"sha256": "131de816e8ec55ce8cba8760646cd38392aa5d5c64d74ca83d6331ce81dc92c7",
"source": "amazon-inspector"
},
{
"import_time": "2026-04-08T10:51:12.702886811Z",
"modified_time": "2026-04-08T10:41:04Z",
"sha256": "915fbcb00a56736c74fd6bac9150fe0fd41d5176bffcc38ff24e89a3dad105c5",
"source": "ossf-package-analysis",
"versions": [
"1.0.74"
]
},
{
"import_time": "2026-04-08T10:51:12.636576713Z",
"modified_time": "2026-04-08T10:36:03Z",
"sha256": "c9038d6011ae0e0704c830183ab305f1b18b2ea56a7372db1c65e41b3d358e0a",
"source": "ossf-package-analysis",
"versions": [
"1.0.75"
]
},
{
"import_time": "2026-04-08T12:26:00.507291617Z",
"modified_time": "2026-04-08T12:06:11Z",
"sha256": "c93f607fb900cc4883f10c39a80a488d8ee0ee91305b619c5f14a09ccd251276",
"source": "ossf-package-analysis",
"versions": [
"1.0.80"
]
},
{
"import_time": "2026-04-08T12:26:00.129918273Z",
"modified_time": "2026-04-08T11:55:50Z",
"sha256": "f44a219b0e66b00d33cd176741bf0b22e176e9334dbb7bc1b1714e638cca5b14",
"source": "ossf-package-analysis",
"versions": [
"1.0.78"
]
},
{
"import_time": "2026-04-08T12:26:00.328822392Z",
"modified_time": "2026-04-08T12:01:16Z",
"sha256": "bbc1f5ffdcb27f45f5932ec7fe96058c094d2fcf2f53fbe2d6fc131c53ea8882",
"source": "ossf-package-analysis",
"versions": [
"1.0.79"
]
},
{
"import_time": "2026-04-08T13:36:42.582632914Z",
"modified_time": "2026-04-08T13:11:01Z",
"sha256": "6519e53b2233beaf25d2936c670a37dde7a5004cfde5d27953e725f0c5311500",
"source": "ossf-package-analysis",
"versions": [
"1.0.88"
]
},
{
"import_time": "2026-04-08T13:36:42.488561907Z",
"modified_time": "2026-04-08T13:00:55Z",
"sha256": "8174f37f4557d0d978418276ca1b5ed0146a698dd4a3dc67e5a00962d0984e30",
"source": "ossf-package-analysis",
"versions": [
"1.0.85"
]
},
{
"import_time": "2026-04-08T13:36:42.704763451Z",
"modified_time": "2026-04-08T13:33:47Z",
"sha256": "fdbe85ca32b4a6ac18bf5b64e20aec8ab349cec3035d2c5a7a53dd6d44da46db",
"source": "ossf-package-analysis",
"versions": [
"1.0.93"
]
},
{
"import_time": "2026-04-08T14:39:13.787593049Z",
"modified_time": "2026-04-08T14:34:40Z",
"sha256": "c46732b638c390a0bcfb18114db829b60516a437a9766e5b6b12f3bc6328326e",
"source": "ossf-package-analysis",
"versions": [
"1.0.91"
]
},
{
"import_time": "2026-04-08T15:34:41.213955734Z",
"modified_time": "2026-04-08T15:15:26Z",
"sha256": "80e723d28b01c54b7f50d22e719adb9cd9ebccc35fd1bd6c0d23d1e47de9d7dc",
"source": "ossf-package-analysis",
"versions": [
"1.0.95"
]
},
{
"import_time": "2026-04-08T17:54:23.66810672Z",
"modified_time": "2026-04-08T17:44:09Z",
"sha256": "645de188738e4aa5552dbd60c7fe46dd0d986bac224eeae86d938bbde79b8984",
"source": "ossf-package-analysis",
"versions": [
"1.0.100"
]
},
{
"import_time": "2026-04-08T17:54:23.820981597Z",
"modified_time": "2026-04-08T17:45:54Z",
"sha256": "ddf5c15949ca3d2a7d133980e825056903bb01428c224b084842d0a340bb11e7",
"source": "ossf-package-analysis",
"versions": [
"1.1.0"
]
},
{
"import_time": "2026-04-08T18:32:27.106996076Z",
"modified_time": "2026-04-08T18:01:19Z",
"sha256": "5dc35261486a79b970a497afe7859ad6f18c41203df98841454f6ef218bb54f3",
"source": "ossf-package-analysis",
"versions": [
"1.1.2"
]
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (131de816e8ec55ce8cba8760646cd38392aa5d5c64d74ca83d6331ce81dc92c7)\nThe package admin0911 was found to contain malicious code.\n\n## Source: ossf-package-analysis (8516309c67b62cd05a8cec44d5bd7cb5ebceebd331c870e3589ab027bb926bb7)\nThe OpenSSF Package Analysis project identified \u0027admin0911\u0027 @ 1.0.38 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n",
"id": "MAL-2026-2492",
"modified": "2026-04-08T18:35:00Z",
"published": "2026-04-05T15:30:57Z",
"schema_version": "1.7.4",
"summary": "Malicious code in admin0911 (npm)"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…