{"id":"MAL-2026-4730","summary":"Malicious code in wml-components (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (d65cdf836cae85d721f6a982c5941bd18037d4a3554ec4b69cd5828591ee0e20)\nwml-components@99.0.1 declares `preinstall: node poc.js` in package.json, so `npm install` automatically runs poc.js with no consent step. poc.js iterates `process.env` and captures every variable whose name matches credential-shaped prefixes (TOKEN, AWS, AZURE, NPM, GITHUB, GITLAB, CI_, JENKINS, WALMART, WMT, BUILD, PROJECT, REPO, etc.) with full values, runs host-recon commands (`ip a`/`ipconfig /all`, `id`/`whoami /all`, `os.hostname()`, `os.platform()`), and walks up the directory tree reading the parent project's package.json and CI configuration (`.gitlab-ci.yml`, `.github/workflows`, `Jenkinsfile`, `azure-pipelines.yml`). The collected bundle is POSTed over HTTPS to a hardcoded interactsh out-of-band callback host (`d8a5d9pon5bugoc35cngp9hcregcqyezu.oast.me`, poc.js:11 and poc.js:113). The package's `main` is an empty object — it provides no functionality and exists only to execute the exfiltration payload. The name and version (`wml-components@99.0.1`) are shaped as a dependency-confusion lure against an internal Walmart `wml-*` namespace, with the high version number designed to win resolution over the legitimate internal package. Although the package description claims authorized bug-bounty testing, any developer or CI system outside the intended scope that resolves this name (mistyped dependency, public-mirror automation, untargeted CI) leaks credentials, source-tree metadata, and host identifiers to the attacker-controlled OAST endpoint.\n","modified":"2026-05-26T06:03:06.195831898Z","published":"2026-05-25T14:16:15Z","database_specific":{"malicious-packages-origins":[{"versions":["99.0.1"],"source":"amazon-inspector","modified_time":"2026-05-25T14:16:15Z","id":"IN-MAL-2026-004692","sha256":"d65cdf836cae85d721f6a982c5941bd18037d4a3554ec4b69cd5828591ee0e20","import_time":"2026-05-26T05:53:05.881941582Z"},{"versions":["99.0.1"],"source":"amazon-inspector","id":"IN-MAL-2026-004693","sha256":"e9a67aea364794c5ced3d0219cade6f3cba41fe5754ab7620d86286143aa0622","modified_time":"2026-05-25T14:16:15Z","import_time":"2026-05-26T05:53:05.991788378Z"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/wml-components/v/99.0.1"}],"affected":[{"package":{"name":"wml-components","ecosystem":"npm","purl":"pkg:npm/wml-components"},"versions":["99.0.1"],"database_specific":{"indicators":{"evidence_files":[{"tlsh":"1871c8d482fa1e30226a7471b5cd040522d7d3933246f9d4798c1a919f9f4b482f67bd","sha256":"b208b6e0011fbfcb04cede4731fbf827f684b7815db21d8a2ca4ec6a3deaf493","path":"poc.js"}],"package_integrity":[{"filename":"wml-components-99.0.1.tgz","hashes":{"sha512_sri":"sha512-rf2EP7YwEboz5QnA16DFAeTTeERfPCMWlUD2yzooPeygiH1ysQ/uWdAPh5/nfUa3dWfuKaluY4E11IFlSqVNAQ==","sha1":"8cb00abd5d629682b163267408c3e407f7a41258"}}],"domains":["wml-components-7363616e2d37626166383563643863.d8a5d9pon5bugoc35cngp9hcregcqyezu.oast.me","d8a5d9pon5bugoc35cngp9hcregcqyezu.oast.me"]},"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/wml-components/MAL-2026-4730.json","cwes":[{"description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506","name":"Embedded Malicious Code"}]}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}