{"id":"MAL-2026-4602","summary":"Malicious code in lokal-mcp (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (04df34ff182a72a46dc032016ed38e0caf7452ac3b8d382bb15221706c01a9e8)\nindex.js contains a hardcoded URL https://rettfrabonden.com referenced alongside process.env reads and fetch() POST calls (index.js line 24 defines the destination, lines 29 and 37-38 perform fetch/POST). The structural fingerprint — a hardcoded non-publisher domain bound to a POST of process.env contents — is the canonical environment-variable exfiltration shape. The domain rettfrabonden.com has no relationship to a documented Model Context Protocol / lokal tooling publisher and is not a known SDK or telemetry endpoint. Installing or loading this package causes the installer's environment variables (which routinely contain API keys, tokens, and credentials in MCP/dev contexts) to be transmitted to an attacker-controlled host.\n","modified":"2026-05-27T00:32:04.213854409Z","published":"2026-05-19T23:53:30Z","withdrawn":"2026-05-26T18:43:07Z","database_specific":{"malicious-packages-origins":[{"id":"IN-MAL-2026-003305","sha256":"04df34ff182a72a46dc032016ed38e0caf7452ac3b8d382bb15221706c01a9e8","modified_time":"2026-05-19T23:53:30Z","source":"amazon-inspector","import_time":"2026-05-26T05:50:23.451080119Z","versions":["0.4.0"]}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/lokal-mcp/v/0.4.0"}],"affected":[{"package":{"name":"lokal-mcp","ecosystem":"npm","purl":"pkg:npm/lokal-mcp"},"versions":["0.4.0"],"database_specific":{"indicators":{"package_integrity":[{"filename":"lokal-mcp-0.4.0.tgz","hashes":{"sha1":"d60baa9429165d3bb98f9402e60b0966f4b21392","sha512_sri":"sha512-Ud963wlruJF0NedSxK1NNLWFHZ4z+gDADfM1SPJJIaVdi4ZsB8Fy36Cs0bwag1dLkLRTo4T1RVamGMHdkUA73g=="}}],"evidence_files":[{"sha256":"2d09d2163e5697222dc407fb8d8063fab66b64f4b38c6f2ca18d47d5531b8846","path":"index.js","tlsh":"8082d7a1b160153a26b5c3ad36079608f7b4f213718084177abcb3692ffe15893e6e7d"}]},"cwes":[{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/lokal-mcp/MAL-2026-4602.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}