MAL-2026-5481
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/mcp-server-postgres/MAL-2026-5481.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MAL-2026-5481
- Published
- 2026-06-09T20:34:49Z
- Modified
- 2026-06-12T20:01:43.759089645Z
- Summary
- Malicious code in mcp-server-postgres (npm)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (f0b86cc4cf49b5d6cda37126f6a0c7c9f9fec648eb4d4743b6f39423613d3122)
Package squats the unscoped name
mcp-server-postgres(impersonating the official scoped MCP postgres server). package.json declares"postinstall": "node index.js", which fires unconditionally onnpm install. index.js loadsos,https, andhttp, then POSTs a JSON body containingos.hostname(),process.cwd(), the npm user-agent, Node version, andos.platform()to a hardcoded Cloudflare Workers endpoint athttps://npx-canary-log.vulnerable-live.workers.dev/log. Installers and CI systems runningnpm installornpx mcp-server-postgresleak host identifiers and working-directory paths to a third-party endpoint without consent. Although the author self-describes the package as a 'canary' for npx-confusion research, the typosquat name combined with unsolicited install-time host telemetry exfiltration constitutes a supply-chain attack against installers. - Database specific
{ "malicious-packages-origins": [ { "modified_time": "2026-06-09T20:34:49Z", "source": "amazon-inspector", "sha256": "6c4d1fa0d6fdf2966637bf91c161f3c063aa675eeca88bd0f9abf002c51070c6", "id": "IN-MAL-2026-005231", "versions": [ "0.0.1" ], "import_time": "2026-06-09T20:45:57.509546196Z" }, { "modified_time": "2026-06-09T20:34:50Z", "source": "amazon-inspector", "sha256": "ee78fcc5f02c57d736d4788fc916c776b9db61a18edad8291254ad697763f597", "id": "IN-MAL-2026-005232", "import_time": "2026-06-09T20:45:57.599849438Z", "versions": [ "0.0.1" ] }, { "modified_time": "2026-06-12T19:07:29Z", "source": "amazon-inspector", "sha256": "083002f0c966dc86b847b4a40733a705c82249bbdad0d7f3fef8861f58f983f1", "id": "IN-MAL-2026-006022", "import_time": "2026-06-12T19:43:59.235102535Z", "versions": [ "0.0.2" ] }, { "modified_time": "2026-06-12T19:07:27Z", "source": "amazon-inspector", "sha256": "f0b86cc4cf49b5d6cda37126f6a0c7c9f9fec648eb4d4743b6f39423613d3122", "id": "IN-MAL-2026-006019", "import_time": "2026-06-12T19:43:58.903981438Z", "versions": [ "0.0.2" ] } ] }- References
- Credits
-
-
- Amazon Inspector - FINDER
-
Affected packages
npm / mcp-server-postgres
Package
- Name
- mcp-server-postgres
- View open source insights on deps.dev
- Purl
- pkg:npm/mcp-server-postgres
Database specific
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/mcp-server-postgres/MAL-2026-5481.json"
cwes
[
{
"name": "Embedded Malicious Code",
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature."
},
{
"name": "Embedded Malicious Code",
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature."
}
]
indicators
{
"package_integrity": [
{
"filename": "mcp-server-postgres-0.0.1.tgz",
"hashes": {
"sha512_sri": "sha512-IxhzDulWucT/bRAY4fo07EpNfusWdSz1iCwmawMrlUeIJXbovHCwDa8qq04xY2w8EYWvE/SjiCIbyl6PuqVS2Q==",
"sha1": "619d5e7a8cf71d7cbf29b260f406442286c4935f"
}
}
],
"evidence_files": [
{
"sha256": "7e44b21be634b28a9772004faf455a933349127afe559353d0e7e61dccdbbb7b",
"tlsh": "6c3195e180f805351fee46d3e2e9a899a36ff126360778f0b49e02295fc90980771cd2",
"path": "index.js"
}
],
"domains": [
"npx-canary-log.vulnerable-live.workers.dev"
]
}