{"id":"MAL-2026-1599","summary":"Malicious code in @emerald-react/badge (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (aa1fd9db354fb18abad1dbf02e1dd5ceb8235067ff25c71c2b9a5fe274e08594)\nThe package @emerald-react/badge was found to contain malicious code.\n","modified":"2026-03-23T05:35:24.010647Z","published":"2026-03-18T12:25:39Z","database_specific":{"malicious-packages-origins":[{"import_time":"2026-03-19T12:18:23.360705706Z","source":"reversing-labs","id":"RLMA-2026-00981","versions":["999.999.999","9999.9999.9999"],"sha256":"e6cd89216e4989524c2ee2e41d607dc33d7b656f3834fd089a772a21a8932f46","modified_time":"2026-03-18T12:25:39Z"},{"import_time":"2026-03-23T05:14:13.985454485Z","source":"amazon-inspector","versions":["999.999.999","9999.9999.9999"],"sha256":"aa1fd9db354fb18abad1dbf02e1dd5ceb8235067ff25c71c2b9a5fe274e08594","modified_time":"2026-03-23T05:11:41Z"}]},"affected":[{"package":{"name":"@emerald-react/badge","ecosystem":"npm","purl":"pkg:npm/%40emerald-react/badge"},"versions":["999.999.999","9999.9999.9999"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@emerald-react/badge/MAL-2026-1599.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}