mal-2026-6702
Vulnerability from ossf_malicious_packages
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (3bf683b6e8715fecd451a06da256d90048054cbe463da64e43c1a8db4226b661)
vue-demi-fix is a name-confusion package against the widely used vue-demi library. package.json declares both preinstall and postinstall lifecycle scripts that invoke curl against a hardcoded bare-IP HTTP endpoint (http://109.71.252.153:8080/), exfiltrating the installer's OS, username (whoami), current working directory (pwd), and hostname as URL query parameters on every npm install. The package ships no real functionality — index.js only prints a proof-of-concept notice and README self-labels as a 'Responsible Disclosure' PoC. Regardless of the PoC framing, installers receive no benign function and their host identity is unconditionally beaconed to a non-publisher, non-registry endpoint on a default install.
Source: ossf-package-analysis (8fd5381cd4364444dac8d64b33e317c526ef52948ebfb9d10e11ec0909b7d383)
The OpenSSF Package Analysis project identified 'vue-demi-fix' @ 10.0.4 (npm) as malicious.
It is considered malicious because:
- The package executes one or more commands associated with malicious behavior.
{
"affected": [
{
"database_specific": {
"cwes": [
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
}
],
"indicators": {
"evidence_files": [
{
"path": "package.json",
"sha256": "1df317c182d5e7b522b207299f68c0e75e79c4697c009e69b256410bd6335779",
"tlsh": "49f028382834a6333ac54f20686576efac417f730191bc15e7a3a51ddaae29202b9219"
},
{
"path": "README.md",
"sha256": "58b31f2aade66367cf38caf6f10806a270f3be88b9cdfc5f1c8524d01ac44479",
"tlsh": "20a022333008ba0823303a030ae00a002a000c22bf88a080c80be880820c0c08a8833a"
}
],
"package_integrity": [
{
"filename": "vue-demi-fix-10.0.4.tgz",
"hashes": {
"sha1": "4e8b755465d097a5dfc9515df2eaa015bd7703df",
"sha512_sri": "sha512-sOGDhqSQeq3Ki7DOeFTqutfY0sf72I9I/fMSaj43mWQWNnerwv+7aCGX4kqSvx7VlJTGd4qPczAHTvYbLFvoxQ=="
}
}
]
}
},
"package": {
"ecosystem": "npm",
"name": "vue-demi-fix"
},
"versions": [
"10.0.4",
"10.0.3",
"10.0.5"
]
}
],
"credits": [
{
"contact": [
"inspector-research@amazon.com"
],
"name": "Amazon Inspector",
"type": "FINDER"
},
{
"contact": [
"https://github.com/ossf/package-analysis",
"https://openssf.slack.com/channels/package_analysis"
],
"name": "OpenSSF: Package Analysis",
"type": "FINDER"
}
],
"database_specific": {
"malicious-packages-origins": [
{
"import_time": "2026-06-30T21:35:44.631242273Z",
"modified_time": "2026-06-30T10:41:28Z",
"sha256": "8fd5381cd4364444dac8d64b33e317c526ef52948ebfb9d10e11ec0909b7d383",
"source": "ossf-package-analysis",
"versions": [
"10.0.4"
]
},
{
"id": "IN-MAL-2026-007842",
"import_time": "2026-07-01T19:11:22.756129232Z",
"modified_time": "2026-07-01T18:34:29Z",
"sha256": "3bf683b6e8715fecd451a06da256d90048054cbe463da64e43c1a8db4226b661",
"source": "amazon-inspector",
"versions": [
"10.0.4"
]
},
{
"id": "IN-MAL-2026-007844",
"import_time": "2026-07-01T19:11:23.067617477Z",
"modified_time": "2026-07-01T18:34:46Z",
"sha256": "41d430d87db19b144ee6213294cc5dd634b60288db5dd1c9ba6d57e23d90140c",
"source": "amazon-inspector",
"versions": [
"10.0.3"
]
},
{
"id": "IN-MAL-2026-007843",
"import_time": "2026-07-01T19:11:22.90478316Z",
"modified_time": "2026-07-01T18:34:39Z",
"sha256": "de927f8bd731d104d0cd6444386a8c9a050331d85b1de57a14bee2c7f4baa0e7",
"source": "amazon-inspector",
"versions": [
"10.0.5"
]
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (3bf683b6e8715fecd451a06da256d90048054cbe463da64e43c1a8db4226b661)\nvue-demi-fix is a name-confusion package against the widely used vue-demi library. package.json declares both preinstall and postinstall lifecycle scripts that invoke curl against a hardcoded bare-IP HTTP endpoint (http://109.71.252.153:8080/), exfiltrating the installer\u0027s OS, username (whoami), current working directory (pwd), and hostname as URL query parameters on every npm install. The package ships no real functionality \u2014 index.js only prints a proof-of-concept notice and README self-labels as a \u0027Responsible Disclosure\u0027 PoC. Regardless of the PoC framing, installers receive no benign function and their host identity is unconditionally beaconed to a non-publisher, non-registry endpoint on a default install.\n\n## Source: ossf-package-analysis (8fd5381cd4364444dac8d64b33e317c526ef52948ebfb9d10e11ec0909b7d383)\nThe OpenSSF Package Analysis project identified \u0027vue-demi-fix\u0027 @ 10.0.4 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n",
"id": "MAL-2026-6702",
"modified": "2026-07-01T19:13:21Z",
"published": "2026-06-30T10:41:28Z",
"references": [
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/vue-demi-fix/v/10.0.4"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/vue-demi-fix/v/10.0.3"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/vue-demi-fix/v/10.0.5"
}
],
"schema_version": "1.7.4",
"summary": "Malicious code in vue-demi-fix (npm)"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|