{"id":"MAL-2026-2378","summary":"Malicious code in node-multer (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (6fd13a20e1e6edfd702b510f8205a60c9826a214ac27b04e1c6b48dee5f74d76)\nThe package node-multer was found to contain malicious code.\n","modified":"2026-04-07T14:54:49.398190Z","published":"2026-03-24T15:53:26Z","database_specific":{"malicious-packages-origins":[{"source":"reversing-labs","modified_time":"2026-03-24T15:53:26Z","versions":["3.5.7"],"sha256":"ac071000b6c869ddf4dffecfb76b05cbab824a6ca662eacf05f6b0ad492616bc","id":"RLMA-2026-01797","import_time":"2026-04-01T12:26:10.14613923Z"},{"source":"amazon-inspector","modified_time":"2026-04-07T14:24:50Z","versions":["3.5.7"],"sha256":"6fd13a20e1e6edfd702b510f8205a60c9826a214ac27b04e1c6b48dee5f74d76","import_time":"2026-04-07T14:39:10.050291054Z"}]},"affected":[{"package":{"name":"node-multer","ecosystem":"npm","purl":"pkg:npm/node-multer"},"versions":["3.5.7"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/node-multer/MAL-2026-2378.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}