{"id":"MAL-2026-4601","summary":"Malicious code in local-mcp (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (4649a6cac828460ea4a3e6d867038eaa507f109eb6a46de9eef1fc340d867608)\nThe package executes lifecycle and import-time code that fetches executables and posts host data to off-publisher infrastructure. download.js (line 92) issues https.get to https://office-mcp-production.up.railway.app and to https://download.local-mcp.com, fetching binary content that is written to disk via fs and executed via child_process. index.js (line 194) performs https.get to https://office-mcp-production.up.railway.app while also reading process.env (lines 180, 277), os.homedir() (line 68), and process.platform (line 23) — host/identity fields gathered alongside an outbound POST. setup.js wires multiple POST calls (lines 61, 343, 800, 878, 904) over https with child_process available in scope. The package name is 'local-mcp' but the primary network destination is a Railway-hosted endpoint ('office-mcp-production.up.railway.app') that does not match the declared publisher domain (local-mcp.com); Railway free-tier subdomains are mutable, not version-pinned, and not author-controlled infrastructure in any verifiable sense. The combination — install/import-time fetch of binaries from a non-publisher mutable host, write+execute via child_process, and concurrent collection of env vars + homedir + platform with POSTs to the same Railway host — matches the active-attack / install-time-rce shape rather than a legitimate native-addon prebuild flow (which would fetch from the package's own GitHub releases at a pinned version with hash verification).\n","modified":"2026-05-27T00:32:04.275415798Z","published":"2026-05-20T08:14:15Z","withdrawn":"2026-05-26T18:42:38Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2026-05-20T21:38:37Z","source":"amazon-inspector","sha256":"0d270e7bca623f361b45598f9c9ac210409ee2460ce89e9b0d58cb54f7966389","versions":["3.0.177"],"id":"IN-MAL-2026-003616","import_time":"2026-05-26T05:50:58.497368715Z"},{"modified_time":"2026-05-20T08:33:38Z","source":"amazon-inspector","sha256":"eae7d3f7204b548521c31041765e21a943c6d86a41dd0c81a5879adafe6fa9df","versions":["3.0.199"],"id":"IN-MAL-2026-003503","import_time":"2026-05-26T05:50:44.981675001Z"},{"modified_time":"2026-05-22T21:46:56Z","source":"amazon-inspector","sha256":"f19b9aea05a8e8e76d8059bdfbd10db3dc928899ee587127a7b6a30ae176550e","versions":["3.0.211"],"id":"IN-MAL-2026-004262","import_time":"2026-05-26T05:52:15.560844593Z"},{"modified_time":"2026-05-24T11:38:34Z","source":"amazon-inspector","sha256":"19720486e8e8b8446772a14fcc74015b1d1cec3b905c2986f717bf421456719a","versions":["3.0.217"],"id":"IN-MAL-2026-004500","import_time":"2026-05-26T05:52:43.311097757Z"},{"modified_time":"2026-05-22T14:25:51Z","source":"amazon-inspector","sha256":"46a78d4864ea2d47b4aef53ee9d8cbacb7739a5dfb71bbd37add2ccb5f80a5e0","versions":["3.0.210"],"id":"IN-MAL-2026-004216","import_time":"2026-05-26T05:52:10.360980617Z"},{"modified_time":"2026-05-20T08:37:27Z","source":"amazon-inspector","sha256":"64532d8dc97d420332500887dc9a5e0c02b62567e7d281966d639624f0fbbb43","versions":["3.0.192"],"id":"IN-MAL-2026-003505","import_time":"2026-05-26T05:50:45.388084655Z"},{"modified_time":"2026-05-22T22:15:42Z","source":"amazon-inspector","sha256":"aa31cf61a1882525f095989af831377fd28b27b67219a1fd954c1f1c05cd705e","versions":["3.0.212"],"id":"IN-MAL-2026-004265","import_time":"2026-05-26T05:52:15.9332917Z"},{"modified_time":"2026-05-20T22:07:39Z","source":"amazon-inspector","sha256":"ac0d1f2f5410f7fdba5d8f16107463f4ea481380ed7e0fdf6a32e9dce2d93cd3","versions":["3.0.197"],"id":"IN-MAL-2026-003622","import_time":"2026-05-26T05:50:59.143082993Z"},{"modified_time":"2026-05-20T20:51:23Z","source":"amazon-inspector","sha256":"c97072bb416e1bb7b86a2500f96a0c5a44e432110c81d0613e160219e2eeefaa","versions":["3.0.201"],"id":"IN-MAL-2026-003614","import_time":"2026-05-26T05:50:58.334669584Z"},{"modified_time":"2026-05-20T22:09:46Z","source":"amazon-inspector","sha256":"ff277ff7b93c32122a7e27425f8085412dcf1552e0284f2b0818b3823b08eb04","versions":["3.0.203"],"id":"IN-MAL-2026-003623","import_time":"2026-05-26T05:50:59.251802392Z"},{"modified_time":"2026-05-20T22:00:21Z","source":"amazon-inspector","sha256":"0e2d769e2a8ee3e9614cf82ddcb950b99337a77b696b6699f881dab8091aeabd","versions":["3.0.198"],"id":"IN-MAL-2026-003620","import_time":"2026-05-26T05:50:58.951671988Z"},{"modified_time":"2026-05-21T01:28:22Z","source":"amazon-inspector","sha256":"25f96e0dadfe663a9cf16470235d730f6d14e9b3ee24e9d35a282664ae867510","versions":["3.0.206"],"id":"IN-MAL-2026-003687","import_time":"2026-05-26T05:51:06.799390134Z"},{"modified_time":"2026-05-23T14:37:37Z","source":"amazon-inspector","sha256":"6ed3d92c23d9b280d6f5dcb7ac2dba976d11e7ef3824618c07635c0429c368f0","versions":["3.0.215"],"id":"IN-MAL-2026-004339","import_time":"2026-05-26T05:52:24.420899823Z"},{"modified_time":"2026-05-23T14:37:37Z","source":"amazon-inspector","sha256":"9fa35e8f2ad25ad8d383f4e4a29af35c1eea07bace17b40644d7034c3d00ef95","versions":["3.0.215"],"id":"IN-MAL-2026-004340","import_time":"2026-05-26T05:52:24.53195166Z"},{"modified_time":"2026-05-22T13:56:39Z","source":"amazon-inspector","sha256":"d4a0aa92cdd0f041d587c908066c2e78644dbc04f7c4782e65fe879d83545729","versions":["3.0.209"],"id":"IN-MAL-2026-004211","import_time":"2026-05-26T05:52:09.733918222Z"},{"modified_time":"2026-05-25T20:51:03Z","source":"amazon-inspector","sha256":"fc3f3c2c95fc9379aa613268375eaa3c0e1fc8ed536c6800416954661bddc746","versions":["3.0.221"],"id":"IN-MAL-2026-004775","import_time":"2026-05-26T05:53:15.565722937Z"},{"modified_time":"2026-05-20T08:32:45Z","source":"amazon-inspector","sha256":"2bd0919a8030a3a1f6a8e8128236ea3d8869c6bce33e80594186c8d16aedde73","versions":["3.0.180"],"id":"IN-MAL-2026-003502","import_time":"2026-05-26T05:50:44.857644368Z"},{"modified_time":"2026-05-20T08:17:19Z","source":"amazon-inspector","sha256":"6a398ec11fb2fb1d3cd1dd42ed2de3027a4489da19b210e973d5a153b41823c7","versions":["3.0.178"],"id":"IN-MAL-2026-003499","import_time":"2026-05-26T05:50:44.467695938Z"},{"modified_time":"2026-05-20T08:39:37Z","source":"amazon-inspector","sha256":"8364a08f8b0d7998e269d0a5977d7a439ed4516a49bd671a3cd1b5f489fdc625","versions":["3.0.186"],"id":"IN-MAL-2026-003506","import_time":"2026-05-26T05:50:45.485472846Z"},{"modified_time":"2026-05-20T08:14:15Z","source":"amazon-inspector","sha256":"c2e0b276731de2300d757d09b1f6584b92316a11553a990d89ceec31b1426283","versions":["3.0.183"],"id":"IN-MAL-2026-003498","import_time":"2026-05-26T05:50:44.371060072Z"},{"modified_time":"2026-05-22T11:53:46Z","source":"amazon-inspector","sha256":"4649a6cac828460ea4a3e6d867038eaa507f109eb6a46de9eef1fc340d867608","versions":["3.0.207"],"id":"IN-MAL-2026-004198","import_time":"2026-05-26T05:52:07.654134113Z"},{"modified_time":"2026-05-24T11:38:33Z","source":"amazon-inspector","sha256":"4ca59f7bb1a150e28960fbb8eeddbe7b811427eeb7cb93a0c50334b41389d435","versions":["3.0.217"],"id":"IN-MAL-2026-004499","import_time":"2026-05-26T05:52:43.201585113Z"},{"modified_time":"2026-05-20T22:13:34Z","source":"amazon-inspector","sha256":"92dc5b622430e003c0380d583ba222b5fa25fbbfce1be8b6a8720ca2b92b7c52","versions":["3.0.188"],"id":"IN-MAL-2026-003626","import_time":"2026-05-26T05:50:59.565632066Z"},{"modified_time":"2026-05-25T20:51:04Z","source":"amazon-inspector","sha256":"c653e6cf20a0063a2416e35ccb07db9a799378ec6c75c52bec7fc88dde6c4537","versions":["3.0.221"],"id":"IN-MAL-2026-004776","import_time":"2026-05-26T05:53:15.68261976Z"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.177"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.199"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.211"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.210"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.192"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.212"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.197"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.201"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.203"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.198"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.206"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.215"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.209"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.221"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.180"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.178"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.186"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.183"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.207"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.217"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/local-mcp/v/3.0.188"}],"affected":[{"package":{"name":"local-mcp","ecosystem":"npm","purl":"pkg:npm/local-mcp"},"versions":["3.0.177","3.0.199","3.0.211","3.0.217","3.0.210","3.0.192","3.0.212","3.0.197","3.0.201","3.0.203","3.0.198","3.0.206","3.0.215","3.0.209","3.0.221","3.0.180","3.0.178","3.0.186","3.0.183","3.0.207","3.0.188"],"database_specific":{"indicators":{"package_integrity":[{"hashes":{"sha512_sri":"sha512-rBVPkjggjIGW84yfffBAQTVsWRiy6UckDVDnke+hdMg6eL5YbrSsV9uS07lwSWy0fZtCqsWDL985BLmWGUISWw==","sha1":"b64565c726be21ac2e5717a3b5a50aabcb767127"},"filename":"local-mcp-3.0.177.tgz"}],"evidence_files":[{"sha256":"8d4db8277674530f2931f9847bc32bf8b4631c89d10e35495e99501e9f1813f6","path":"download.js","tlsh":"52b2c79642a36331cbc24375474b616a5b2bc137730a66a4ffed46442f4917cc2e2ded"},{"sha256":"d09b4515797111b8d5366ae6c2c2256698f31af8b7bba18ee1b74845a2a3c826","path":"index.js","tlsh":"6e32d79a46fa52395bc2536d994b200bf337e1133305d5a4b9ed93192fc053c82a6efe"},{"path":"setup.js","sha256":"41207240dac8f298b17fa99d385c0d476d059f737fba652d49a5f74e4f8d8347","tlsh":"3023c77211f522363b82d66c861b94162325f913b609b42476ccb3986fdc63cd9b3afd"}],"domains":["office-mcp-production.up.railway.app","download.local-mcp.com"]},"source":"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/local-mcp/MAL-2026-4601.json","cwes":[{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."},{"name":"Embedded Malicious Code","cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature."}]}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}