MAL-2026-5485

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/mcp-server-supabase/MAL-2026-5485.json
JSON Data
https://api.test.osv.dev/v1/vulns/MAL-2026-5485
Published
2026-06-09T20:33:36Z
Modified
2026-06-12T20:01:44.109242621Z
Summary
Malicious code in mcp-server-supabase (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (85ea87cccc1a60ceb3cf3efe3d5e9839ae5e2a53beaa024a66827f2cdc2504c8)

Package squats the unscoped name mcp-server-supabase to intercept npx mcp-server-supabase invocations intended for the official scoped Supabase Model Context Protocol server. package.json declares "postinstall": "node index.js", and index.js collects os.hostname(), os.platform(), process.cwd(), npm_config_user_agent, and the Node.js version, then POSTs them to https://npx-canary-log.vulnerable-live.workers.dev/log (hardcoded at index.js:16). Every install or npx invocation silently transmits installer host identifiers to an attacker-controlled Cloudflare Workers endpoint, with no consent, opt-out, or documentation prior to install. The name-confusion attack ensures that AI coding agents and developer tooling that invoke the unscoped name are routed to this code instead of the legitimate scoped package.

Database specific
{
    "malicious-packages-origins": [
        {
            "modified_time": "2026-06-09T20:33:37Z",
            "source": "amazon-inspector",
            "sha256": "08b416eb115aa1fc3bcf831a10dcb808fcaa66c0c5d8986fc10fe61ca901584d",
            "id": "IN-MAL-2026-005218",
            "versions": [
                "0.0.1"
            ],
            "import_time": "2026-06-09T20:45:55.633073611Z"
        },
        {
            "modified_time": "2026-06-09T20:33:36Z",
            "source": "amazon-inspector",
            "sha256": "fdd7519780160ab3a92639d54eab0a62f08b3d435e61276f4ba599c638c3cd40",
            "id": "IN-MAL-2026-005217",
            "versions": [
                "0.0.1"
            ],
            "import_time": "2026-06-09T20:45:55.5165788Z"
        },
        {
            "modified_time": "2026-06-12T19:04:50Z",
            "source": "amazon-inspector",
            "sha256": "437a772e3658568d06f1071a482406523fe96faa46bddc4be35a2e3a45a216ec",
            "id": "IN-MAL-2026-005920",
            "import_time": "2026-06-12T19:43:47.636332059Z",
            "versions": [
                "0.0.2"
            ]
        },
        {
            "modified_time": "2026-06-12T19:04:49Z",
            "source": "amazon-inspector",
            "sha256": "85ea87cccc1a60ceb3cf3efe3d5e9839ae5e2a53beaa024a66827f2cdc2504c8",
            "id": "IN-MAL-2026-005919",
            "versions": [
                "0.0.2"
            ],
            "import_time": "2026-06-12T19:43:47.541860966Z"
        }
    ]
}

Affected packages

npm / mcp-server-supabase

Package

Name
mcp-server-supabase
Purl
pkg:npm/mcp-server-supabase

Affected ranges

Affected versions

0.*
0.0.1
0.0.2

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/mcp-server-supabase/MAL-2026-5485.json"
cwes
[
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
indicators
{
    "package_integrity": [
        {
            "filename": "mcp-server-supabase-0.0.1.tgz",
            "hashes": {
                "sha512_sri": "sha512-BsJPxD8cz1K9NMUPcgPmb6WD6bJwccDiFHZkVNqx2P+GBvC+mfA+AL/G9jzFkWHbOXfMg44XkVCOtQQLE5daSQ==",
                "sha1": "53c3f9388bd9cb7fd862b9d6dd1c46f2b7b935c2"
            }
        }
    ],
    "evidence_files": [
        {
            "sha256": "f51bf8adfd8286861e0d580cb654ec8c989708c2174a85a98192f5b1363f968f",
            "tlsh": "133195e181f805351bee46d3e1e9a899a36ff1263a0778f0b45e02691fc909807b1cd2",
            "path": "index.js"
        },
        {
            "sha256": "fc34b558cf6802024814801a560fa4ee4c85470ab43a171c2c13a94d4081c7cc",
            "tlsh": "4af09e70d87495330aed4ae10476a444b579aa161640fc2913d3506cd75c9b713bf29c",
            "path": "package.json"
        }
    ],
    "domains": [
        "npx-canary-log.vulnerable-live.workers.dev"
    ]
}