Description
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry.
Scores
CVSS v3
9.8
EPSS
0.0032
EPSS Percentile
55.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-276
CWE-506
Status
published
Products (2)
npm/npm-script-demo
0npm
npm-script-demo_project/npm-script-demo
0.0.1
Published
Jun 07, 2018
Tracked Since
Feb 18, 2026