{"id":"MAL-2026-2341","summary":"Malicious code in chai-chain-cognivault (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (19b0851e6e0e1c6814315a7876df23ebeb1c80c5afd8093f9790c0b2fb6ba605)\nThe package chai-chain-cognivault was found to contain malicious code.\n","modified":"2026-04-07T14:50:31.069496Z","published":"2026-03-24T15:40:13Z","database_specific":{"malicious-packages-origins":[{"source":"reversing-labs","import_time":"2026-04-01T12:26:07.165944888Z","sha256":"6958b8a4cac4fcdf04efb6f15b693f427004f588d7953909a42b7535d75fd0a9","id":"RLMA-2026-01724","modified_time":"2026-03-24T15:40:13Z","versions":["2.3.5"]},{"source":"amazon-inspector","import_time":"2026-04-07T14:39:23.002015463Z","sha256":"19b0851e6e0e1c6814315a7876df23ebeb1c80c5afd8093f9790c0b2fb6ba605","modified_time":"2026-04-07T14:24:50Z","versions":["2.3.5"]}]},"affected":[{"package":{"name":"chai-chain-cognivault","ecosystem":"npm","purl":"pkg:npm/chai-chain-cognivault"},"versions":["2.3.5"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/chai-chain-cognivault/MAL-2026-2341.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}