{"id":"MAL-2026-1590","summary":"Malicious code in @cbreone/core-ui (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (b7e204888ba2b9573e474d804f28f51173684bb25f640615a9eaae217c5e1a45)\nThe package @cbreone/core-ui was found to contain malicious code.\n","modified":"2026-03-23T05:33:26.629286Z","published":"2026-03-18T12:24:28Z","database_specific":{"malicious-packages-origins":[{"id":"RLMA-2026-00972","import_time":"2026-03-19T12:18:22.521997597Z","sha256":"c7ca64da3e0323606f789927e9998492f038a5d80c6647bede9c6ad2fe184b0b","modified_time":"2026-03-18T12:24:28Z","versions":["999.999.999","9999.9999.9999"],"source":"reversing-labs"},{"import_time":"2026-03-23T05:14:17.41280799Z","sha256":"b7e204888ba2b9573e474d804f28f51173684bb25f640615a9eaae217c5e1a45","modified_time":"2026-03-23T05:11:41Z","versions":["999.999.999","9999.9999.9999"],"source":"amazon-inspector"}]},"affected":[{"package":{"name":"@cbreone/core-ui","ecosystem":"npm","purl":"pkg:npm/%40cbreone/core-ui"},"versions":["999.999.999","9999.9999.9999"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@cbreone/core-ui/MAL-2026-1590.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}