{"id":"MAL-2026-3422","summary":"Malicious code in rsflows-pexml (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (4ef5b11ec067e18cc3a024fee21e569e0f44cf180619e974cbb1dd8325e1b10c)\nThe package rsflows-pexml was found to contain malicious code.\n\n## Source: ossf-package-analysis (ca8cde633391c1292f4bc8a50e783760044b5bea6312639fb3470418619c1b9d)\nThe OpenSSF Package Analysis project identified 'rsflows-pexml' @ 99.9.25 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2026-05-12T07:57:52.591710Z","published":"2026-05-10T15:15:31Z","database_specific":{"malicious-packages-origins":[{"versions":["99.9.9"],"import_time":"2026-05-11T00:52:26.816722037Z","modified_time":"2026-05-10T15:15:31Z","source":"ossf-package-analysis","sha256":"144a8e247e6bb6c7b08119900b2d70af4ee7a594650d03adb2fbf731963e521d"},{"versions":["99.9.25"],"import_time":"2026-05-11T00:52:26.660792127Z","modified_time":"2026-05-10T15:50:50Z","source":"ossf-package-analysis","sha256":"ca8cde633391c1292f4bc8a50e783760044b5bea6312639fb3470418619c1b9d"},{"versions":["99.9.9","99.9.25"],"import_time":"2026-05-12T07:28:56.38973164Z","modified_time":"2026-05-12T06:53:21Z","source":"amazon-inspector","sha256":"4ef5b11ec067e18cc3a024fee21e569e0f44cf180619e974cbb1dd8325e1b10c"}]},"affected":[{"package":{"name":"rsflows-pexml","ecosystem":"npm","purl":"pkg:npm/rsflows-pexml"},"versions":["99.9.9","99.9.25"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/rsflows-pexml/MAL-2026-3422.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}