MAL-2026-247

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ts-tweetnacl/MAL-2026-247.json
JSON Data
https://api.test.osv.dev/v1/vulns/MAL-2026-247
Published
2026-01-13T16:34:25Z
Modified
2026-01-15T22:24:30.136532Z
Summary
Malicious code in ts-tweetnacl (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (1fc02aaeff144bdf5547d650cfae75b4f8861d765cafa72a8bd01609b8be299b)

The package ts-tweetnacl was found to contain malicious code.

Source: ossf-package-analysis (b973890e15f6ac1525c83a046da3e3f20503a3c32b03759856ac14bad807e5b8)

The OpenSSF Package Analysis project identified 'ts-tweetnacl' @ 0.1.3 (npm) as malicious.

It is considered malicious because:

  • The package communicates with a domain associated with malicious activity.
Database specific 
{
    "malicious-packages-origins": [
        {
            "source": "ossf-package-analysis",
            "versions": [
                "0.1.3"
            ],
            "sha256": "b973890e15f6ac1525c83a046da3e3f20503a3c32b03759856ac14bad807e5b8",
            "modified_time": "2026-01-13T16:34:25Z",
            "import_time": "2026-01-13T16:45:46.658876564Z"
        },
        {
            "source": "amazon-inspector",
            "versions": [
                "0.1.3"
            ],
            "sha256": "1fc02aaeff144bdf5547d650cfae75b4f8861d765cafa72a8bd01609b8be299b",
            "modified_time": "2026-01-15T21:43:07Z",
            "import_time": "2026-01-15T22:07:40.129706229Z"
        }
    ]
}
References
Credits

Affected packages

npm / ts-tweetnacl

Package

Name
ts-tweetnacl
View open source insights on deps.dev
Purl
pkg:npm/ts-tweetnacl

Affected ranges

Affected versions

0.*

0.1.3

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ts-tweetnacl/MAL-2026-247.json"