{"id":"MAL-2026-2792","summary":"Malicious code in pil2-proofman-js (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (ec44a98d8fd4dfdf91d31b7990ec8005ee4d4aab1d6030d18e86f84758659093)\nThe package pil2-proofman-js was found to contain malicious code.\n","modified":"2026-04-23T21:17:13.460586Z","published":"2026-04-16T10:11:10Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2026-04-16T10:11:10Z","source":"reversing-labs","import_time":"2026-04-16T15:39:15.394873288Z","id":"RLMA-2026-02020","versions":["99.0.1"],"sha256":"1e4d083baf1d2b1dd869dd94c0fa26748535f495ecf059472fba89bf61e2def4"},{"modified_time":"2026-04-23T20:43:56Z","source":"amazon-inspector","import_time":"2026-04-23T20:48:59.738803721Z","versions":["99.0.1"],"sha256":"ec44a98d8fd4dfdf91d31b7990ec8005ee4d4aab1d6030d18e86f84758659093"}]},"affected":[{"package":{"name":"pil2-proofman-js","ecosystem":"npm","purl":"pkg:npm/pil2-proofman-js"},"versions":["99.0.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/pil2-proofman-js/MAL-2026-2792.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}