{"schema_version":"1.7.5","id":"MAL-2026-772","published":"2026-02-05T08:16:03Z","modified":"2026-03-19T12:42:40.553965Z","summary":"Malicious code in conp-dats-editor (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (adac2b3e811707a0113ec1484330ebada12a632966c81143eab49233e87cabbf)\nThe package conp-dats-editor was found to contain malicious code.\n\n## Source: ossf-package-analysis (5cc3fee45af6f0e407d38408a6aa3f93cdf57db282c56f1b96c216a1fdfc9c74)\nThe OpenSSF Package Analysis project identified 'conp-dats-editor' @ 999.999.992 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n","affected":[{"package":{"name":"conp-dats-editor","ecosystem":"npm","purl":"pkg:npm/conp-dats-editor"},"versions":["999.999.992","999.999.990","999.999.991","999.999.999"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/conp-dats-editor/MAL-2026-772.json"}}],"database_specific":{"malicious-packages-origins":[{"import_time":"2026-02-06T00:31:44.158274973Z","modified_time":"2026-02-05T08:16:03Z","sha256":"5cc3fee45af6f0e407d38408a6aa3f93cdf57db282c56f1b96c216a1fdfc9c74","source":"ossf-package-analysis","versions":["999.999.992"]},{"import_time":"2026-02-06T03:03:35.624838664Z","modified_time":"2026-02-06T02:07:02Z","sha256":"adac2b3e811707a0113ec1484330ebada12a632966c81143eab49233e87cabbf","source":"amazon-inspector","versions":["999.999.992"]},{"id":"RLMA-2026-01218","import_time":"2026-03-19T12:18:43.444851629Z","modified_time":"2026-03-18T12:44:50Z","sha256":"4e47b3d8aefeb1ce047a36a4c96e01642d2dd39260f0c64b4b8dbe88bb891fb9","source":"reversing-labs","versions":["999.999.990","999.999.991","999.999.992","999.999.999"]}]},"credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}