mal-2026-5789
Vulnerability from ossf_malicious_packages
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (c369ccf7b5e0ef8721b5ecdc94bd843ce260923394f6c513350a58928abdbdd3)
On first invocation of `npx claude-cup` (and on every subsequent Claude Code tool call once hooks are installed), `research/config-audit.js` enumerates every user home directory on the machine (`/Users/*`, `/home/*`, `C:\Users\*`) and reads the canonical installer-secret paths: `.aws/credentials`, `.aws/config`, `.kube/config`, `.docker/config.json`, `.npmrc`, `.yarnrc`, `.pypirc`, `.git-credentials`, `.netrc`, `.ssh/id_*`, `.gitconfig`, all `.env*` files, VS Code GitHub auth state, shell history (`.bash_history`, `.zsh_history`, PSReadLine), and Chromium/Edge `Cookies` SQLite databases (copied to `/tmp/ck-*` and queried for sessions on github.com, gitlab.com, npmjs.com, openai.com, anthropic.com, console.aws.amazon.com, cloud.google.com, huggingface.co).

The harvested raw credentials are then transmitted off-host: `validateGithub` sends the GitHub token in an `Authorization` header to `https://api.github.com/user` and `/user/orgs`; npm tokens are written to `/tmp/.rc-audit-*` and validated against `https://registry.npmjs.org/-/whoami`; OpenAI/Anthropic/HuggingFace/Stripe/GitLab tokens are sent to their respective APIs; Google API keys are placed in URL query strings; AWS credentials are exported to env and `aws sts get-caller-identity` is invoked; Redis URI passwords are probed via raw socket AUTH. The provider responses (user identity, scopes, orgs, permissions) are archived locally and the stub `uploader.js` background-upload path is staged for transmission.

At module load, `loadManifest()` fetches `https://raw.githubusercontent.com/Itaib24/Claude-/main/claude-jar/research/manifest.json` from a mutable `main` branch with no pin or signature; this manifest controls scan paths, regex patterns, and validator URLs, giving the author a remote-controlled channel to redirect raw tokens to attacker-chosen hosts at any time without republishing the package.

`src/cli.js` then writes `mcpServers.claude-session-visualizer` and `hooks.SessionStart`/`PreToolUse`/`PostToolUse` entries into `~/.claude/settings.json` and `~/.cursor/mcp.json`, pointing at `~/.claude-jar/mcp-server.mjs`; `hook-ingest.js` re-runs the full credential audit on every 'high signal' event unless `CLAUDE_JAR_DEEP_ANALYSIS=0`.

`fingerprint.js` additionally beacons host geolocation/ISP to `http://ip-api.com/json/` over plain HTTP and combines it with a SHA-256 hostname identifier and environment-richness signals (cloud creds present, browser sessions, registry deploy capability) into a session fingerprint record.

The package's `description` and `CLAUDE.md` impersonate Anthropic branding ('Claude Cup — Anthropic worldwide building contest') to lower developer suspicion while installing the persistent recon hooks. The README's claim that the tool 'never stores, transmits, or logs raw credential values' is directly contradicted by the validator code paths.

- CWE-506 - The product contains code that appears to be malicious in nature.
{
"affected": [
{
"database_specific": {
"cwes": [
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
}
],
"indicators": {
"domains": [
"github.com",
"release-assets.githubusercontent.com"
],
"evidence_files": [
{
"path": "research/config-audit.js",
"sha256": "d64ec55b893e222be0f24834ddf5ac12d1e68d261f0f6eb3d495e2d43acde194",
"tlsh": "d923b4ba202761157a70e3fc97138015ee76b013764195d8b6fcb2902ffe8649267ebc"
},
{
"path": "mcp-server/src/fingerprint.js",
"sha256": "bc9fdcd4ca42321d92d471d696b668cfe6c360d1a5008c9251e28d0c444cec76",
"tlsh": "c77166d919f197254fa626dd8617d1923332e1133cc6fc64b37d4f682f2942c5276a8c"
},
{
"path": "README.md",
"sha256": "f7c95b3f286d82ed282d04c539400784bee469296e2dafdc0882e4ac337f605f",
"tlsh": "d291f92a519c323305c301e676ab6edbf770d51923212935a92d809dd3693b9d47f28c"
},
{
"path": "mcp-server/src/registration.js",
"sha256": "9d4d254a6ade7298c5236850a19355276bf60f1ccc41f46cce66266cc266d18d",
"tlsh": "f9d12eca24e6a37f4ba26378950f51615334c5423739f834f77d43e02f5d26c9a619e8"
}
],
"ips": [
"140.82.114.4",
"185.199.109.133"
],
"package_integrity": [
{
"filename": "claude-cup-0.7.3.tgz",
"hashes": {
"sha1": "6a58d85c6e8da4c6c45f8fe2baf67c8eeec1f299",
"sha512_sri": "sha512-C1PfTo3lNRMnur3gV9hUsrF55dWDZDKRUxNZrMPGdUHlAl0qm0+ouVQj95sWbVysco64XCmjicKJOVFi/HEp+A=="
}
}
]
}
},
"package": {
"ecosystem": "npm",
"name": "claude-cup"
},
"versions": [
"0.7.3",
"0.2.2",
"0.7.2",
"0.2.0",
"0.2.4",
"0.4.0",
"0.3.1",
"0.2.3",
"0.4.1",
"0.7.6",
"0.7.4",
"0.7.0",
"0.3.0",
"0.7.5",
"0.8.3",
"0.8.4",
"0.8.1",
"0.8.7"
]
}
],
"credits": [
{
"contact": [
"inspector-research@amazon.com"
],
"name": "Amazon Inspector",
"type": "FINDER"
}
],
"database_specific": {
"malicious-packages-origins": [
{
"id": "IN-MAL-2026-006538",
"import_time": "2026-06-15T17:22:49.026860024Z",
"modified_time": "2026-06-15T16:45:08Z",
"sha256": "0ca313acbd65472f9bdbffcefdcb5c2c03a6977b2dd2764392b1d13654d7729c",
"source": "amazon-inspector",
"versions": [
"0.7.3"
]
},
{
"id": "IN-MAL-2026-006559",
"import_time": "2026-06-15T17:22:50.439895475Z",
"modified_time": "2026-06-15T16:45:27Z",
"sha256": "2282038479538bfa79408b52a7aeac3bea79ec98e0c8c73d00fdf4a7e606ed08",
"source": "amazon-inspector",
"versions": [
"0.2.2"
]
},
{
"id": "IN-MAL-2026-006541",
"import_time": "2026-06-15T17:22:49.259072122Z",
"modified_time": "2026-06-15T16:45:10Z",
"sha256": "2eed29c3a0efc76c4bc1e77d78a589c5082a24947d53c55342b9baf70f8aeed9",
"source": "amazon-inspector",
"versions": [
"0.7.2"
]
},
{
"id": "IN-MAL-2026-006558",
"import_time": "2026-06-15T17:22:50.386620534Z",
"modified_time": "2026-06-15T16:45:21Z",
"sha256": "323ec4c9b1ded4948c7b5b62bf3894474d7704d6d1ccb87c8d817b38f69771c8",
"source": "amazon-inspector",
"versions": [
"0.2.0"
]
},
{
"id": "IN-MAL-2026-006552",
"import_time": "2026-06-15T17:22:49.972660526Z",
"modified_time": "2026-06-15T16:45:16Z",
"sha256": "3fe0bffc09deb1975cb6dbe5fdd8ae7722583c843518680872cd7b085e7bbba0",
"source": "amazon-inspector",
"versions": [
"0.2.4"
]
},
{
"id": "IN-MAL-2026-006548",
"import_time": "2026-06-15T17:22:49.697105841Z",
"modified_time": "2026-06-15T16:45:14Z",
"sha256": "b8da54693746c59447cd7472f1cfc401cab2b81367b0c78e04656a0b22bcb1d8",
"source": "amazon-inspector",
"versions": [
"0.4.0"
]
},
{
"id": "IN-MAL-2026-006554",
"import_time": "2026-06-15T17:22:50.121584952Z",
"modified_time": "2026-06-15T16:45:18Z",
"sha256": "ca22897cd64a9bc44902b65cc760d02b803fd5a8f3abe5c3c74d35136cf8174d",
"source": "amazon-inspector",
"versions": [
"0.7.3"
]
},
{
"id": "IN-MAL-2026-006555",
"import_time": "2026-06-15T17:22:50.174942093Z",
"modified_time": "2026-06-15T16:45:19Z",
"sha256": "179fc090ecbff516b2a9a7c3f0504ded136eec723f85fed1fd5d9dd6fa2588ff",
"source": "amazon-inspector",
"versions": [
"0.2.4"
]
},
{
"id": "IN-MAL-2026-006550",
"import_time": "2026-06-15T17:22:49.829978857Z",
"modified_time": "2026-06-15T16:45:15Z",
"sha256": "2207aef4504b849c5f6dac52fd11737c2af5edd803ea765c9b2080ec5f7dce29",
"source": "amazon-inspector",
"versions": [
"0.4.0"
]
},
{
"id": "IN-MAL-2026-006549",
"import_time": "2026-06-15T17:22:49.778662958Z",
"modified_time": "2026-06-15T16:45:15Z",
"sha256": "2475cc5c5932e736ecb82592b80a46edb519136d2741774b0745d6f2aab077a9",
"source": "amazon-inspector",
"versions": [
"0.3.1"
]
},
{
"id": "IN-MAL-2026-006556",
"import_time": "2026-06-15T17:22:50.230916137Z",
"modified_time": "2026-06-15T16:45:20Z",
"sha256": "275f191027ca51683c6f12b2162d5d8855b74d4b55024fe315d11886324dc9e5",
"source": "amazon-inspector",
"versions": [
"0.2.3"
]
},
{
"id": "IN-MAL-2026-006545",
"import_time": "2026-06-15T17:22:49.539187566Z",
"modified_time": "2026-06-15T16:45:12Z",
"sha256": "6ca95c06e615fde806bbad61b631ac192c92cf4b03d95169ba3b2e1c8e269e83",
"source": "amazon-inspector",
"versions": [
"0.4.1"
]
},
{
"id": "IN-MAL-2026-006533",
"import_time": "2026-06-15T17:22:48.692446556Z",
"modified_time": "2026-06-15T16:45:04Z",
"sha256": "bfe8394f0a7c5939bea2472c3d0d66c7295a6e905a68df730eba5baec388d4b5",
"source": "amazon-inspector",
"versions": [
"0.7.6"
]
},
{
"id": "IN-MAL-2026-006534",
"import_time": "2026-06-15T17:22:48.747308284Z",
"modified_time": "2026-06-15T16:45:05Z",
"sha256": "c369ccf7b5e0ef8721b5ecdc94bd843ce260923394f6c513350a58928abdbdd3",
"source": "amazon-inspector",
"versions": [
"0.7.4"
]
},
{
"id": "IN-MAL-2026-006536",
"import_time": "2026-06-15T17:22:48.90771187Z",
"modified_time": "2026-06-15T16:45:07Z",
"sha256": "f0830202d4eabfb51d0c3b6e79e3c87cf9733971e7e4864ae2f1ee65597ec252",
"source": "amazon-inspector",
"versions": [
"0.7.4"
]
},
{
"id": "IN-MAL-2026-006560",
"import_time": "2026-06-15T17:22:50.500798729Z",
"modified_time": "2026-06-15T16:45:27Z",
"sha256": "5a74912d64a521cb261105ff4149ba0e618e221912729195d1f560498c19ead1",
"source": "amazon-inspector",
"versions": [
"0.2.2"
]
},
{
"id": "IN-MAL-2026-006553",
"import_time": "2026-06-15T17:22:50.076013882Z",
"modified_time": "2026-06-15T16:45:17Z",
"sha256": "904f3d2cfe57e7919cc973eb9f9276c91256824aba490d55067c39d236239b50",
"source": "amazon-inspector",
"versions": [
"0.2.3"
]
},
{
"id": "IN-MAL-2026-006557",
"import_time": "2026-06-15T17:22:50.3204856Z",
"modified_time": "2026-06-15T16:45:21Z",
"sha256": "dfa33a0ed266527436e228efb2a1c1ad88cc7bfa7c7e8bd467e9ae3d88919b6e",
"source": "amazon-inspector",
"versions": [
"0.2.0"
]
},
{
"id": "IN-MAL-2026-006542",
"import_time": "2026-06-15T17:22:49.346340502Z",
"modified_time": "2026-06-15T16:45:10Z",
"sha256": "f0e62c06448098eb2a3c5a9ddb09e49de7723f1d3441236aecbc0f204f8c9006",
"source": "amazon-inspector",
"versions": [
"0.7.0"
]
},
{
"id": "IN-MAL-2026-006543",
"import_time": "2026-06-15T17:22:49.397871094Z",
"modified_time": "2026-06-15T16:45:11Z",
"sha256": "ff7d93274b803f65ae93fdf2fe6e359caa02c57ed5c05c5a97980717b66bb75a",
"source": "amazon-inspector",
"versions": [
"0.4.1"
]
},
{
"id": "IN-MAL-2026-006547",
"import_time": "2026-06-15T17:22:49.645122297Z",
"modified_time": "2026-06-15T16:45:14Z",
"sha256": "3dd3e1ccfc43f7d74473547743be9998fa8ccbd45855b73213f9f7ba53364b4d",
"source": "amazon-inspector",
"versions": [
"0.3.0"
]
},
{
"id": "IN-MAL-2026-006546",
"import_time": "2026-06-15T17:22:49.59999478Z",
"modified_time": "2026-06-15T16:45:13Z",
"sha256": "7c32de5d6d384be0e38577f2a6b38b0c6df9615a4cf3f8e9a0dcd6b3dc5db1dd",
"source": "amazon-inspector",
"versions": [
"0.3.0"
]
},
{
"id": "IN-MAL-2026-006540",
"import_time": "2026-06-15T17:22:49.159219794Z",
"modified_time": "2026-06-15T16:45:09Z",
"sha256": "8ee5d96daefbc5da29756106695331d20e91d0904624ea604890d475f6a84454",
"source": "amazon-inspector",
"versions": [
"0.7.5"
]
},
{
"id": "IN-MAL-2026-006551",
"import_time": "2026-06-15T17:22:49.911157432Z",
"modified_time": "2026-06-15T16:45:16Z",
"sha256": "9af9e0472e97ad1854789d29d3e1ee48d20471db72dee4eadde331d767b8ed15",
"source": "amazon-inspector",
"versions": [
"0.3.1"
]
},
{
"id": "IN-MAL-2026-006535",
"import_time": "2026-06-15T17:22:48.809407866Z",
"modified_time": "2026-06-15T16:45:07Z",
"sha256": "ab72de697406bc77db6e2697953a0ab15392e3e46cfe87df94635ce838cd1a15",
"source": "amazon-inspector",
"versions": [
"0.7.6"
]
},
{
"id": "IN-MAL-2026-006544",
"import_time": "2026-06-15T17:22:49.463857641Z",
"modified_time": "2026-06-15T16:45:12Z",
"sha256": "c033d12b7e4d90d01c859699baa2d6cdf047bb0585debf37b1c0487f48a888a1",
"source": "amazon-inspector",
"versions": [
"0.7.0"
]
},
{
"id": "IN-MAL-2026-006539",
"import_time": "2026-06-15T17:22:49.11598909Z",
"modified_time": "2026-06-15T16:45:08Z",
"sha256": "1c096cf9eeed3f8284b0b5a65d1c262d7d3da470e0bb703f8a70b2d0b3d3f7cf",
"source": "amazon-inspector",
"versions": [
"0.7.2"
]
},
{
"id": "IN-MAL-2026-006537",
"import_time": "2026-06-15T17:22:48.973456702Z",
"modified_time": "2026-06-15T16:45:07Z",
"sha256": "1c84b8b0c835f8ee455fe13b959758019d5eca81b4570fbef552c8dcdf67b510",
"source": "amazon-inspector",
"versions": [
"0.7.5"
]
},
{
"id": "IN-MAL-2026-006928",
"import_time": "2026-06-17T19:45:56.48392043Z",
"modified_time": "2026-06-17T18:57:10Z",
"sha256": "67f1bd474e2f5d1b647990cf49f67d395c7d24b1f86b9701763e0801ce8c0733",
"source": "amazon-inspector",
"versions": [
"0.8.3"
]
},
{
"id": "IN-MAL-2026-006927",
"import_time": "2026-06-17T19:45:56.398501147Z",
"modified_time": "2026-06-17T18:57:09Z",
"sha256": "f9411bcbdeb7d6e3342c2d943d25ac2a29e2cbdf51af6edcc28c1f8b8e16ba52",
"source": "amazon-inspector",
"versions": [
"0.8.4"
]
},
{
"id": "IN-MAL-2026-006929",
"import_time": "2026-06-17T19:45:56.546393548Z",
"modified_time": "2026-06-17T18:57:12Z",
"sha256": "ff399b5932c3cdb14c6e47ca8247ad7017ba73c0c50b488f0408ba0bd092304c",
"source": "amazon-inspector",
"versions": [
"0.8.1"
]
},
{
"id": "IN-MAL-2026-007019",
"import_time": "2026-06-18T19:20:02.410479188Z",
"modified_time": "2026-06-18T19:07:53Z",
"sha256": "01410567140bdd395a72659b9f429a96e85f06b2a57dea5f3a37366aaf0e1e72",
"source": "amazon-inspector",
"versions": [
"0.8.7"
]
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (c369ccf7b5e0ef8721b5ecdc94bd843ce260923394f6c513350a58928abdbdd3)\nOn first invocation of `npx claude-cup` (and on every subsequent Claude Code tool call once hooks are installed), `research/config-audit.js` enumerates every user home directory on the machine (`/Users/*`, `/home/*`, `C:\\Users\\*`) and reads the canonical installer-secret paths: `.aws/credentials`, `.aws/config`, `.kube/config`, `.docker/config.json`, `.npmrc`, `.yarnrc`, `.pypirc`, `.git-credentials`, `.netrc`, `.ssh/id_*`, `.gitconfig`, all `.env*` files, VS Code GitHub auth state, shell history (`.bash_history`, `.zsh_history`, PSReadLine), and Chromium/Edge `Cookies` SQLite databases (copied to `/tmp/ck-*` and queried for sessions on github.com, gitlab.com, npmjs.com, openai.com, anthropic.com, console.aws.amazon.com, cloud.google.com, huggingface.co). The harvested raw credentials are then transmitted off-host: `validateGithub` sends the GitHub token in an `Authorization` header to `https://api.github.com/user` and `/user/orgs`; npm tokens are written to `/tmp/.rc-audit-*` and validated against `https://registry.npmjs.org/-/whoami`; OpenAI/Anthropic/HuggingFace/Stripe/GitLab tokens are sent to their respective APIs; Google API keys are placed in URL query strings; AWS credentials are exported to env and `aws sts get-caller-identity` is invoked; Redis URI passwords are probed via raw socket AUTH. The provider responses (user identity, scopes, orgs, permissions) are archived locally and the stub `uploader.js` background-upload path is staged for transmission. 
At module load, `loadManifest()` fetches `https://raw.githubusercontent.com/Itaib24/Claude-/main/claude-jar/research/manifest.json` from a mutable `main` branch with no pin or signature; this manifest controls scan paths, regex patterns, and validator URLs, giving the author a remote-controlled channel to redirect raw tokens to attacker-chosen hosts at any time without republishing the package. `src/cli.js` then writes `mcpServers.claude-session-visualizer` and `hooks.SessionStart`/`PreToolUse`/`PostToolUse` entries into `~/.claude/settings.json` and `~/.cursor/mcp.json`, pointing at `~/.claude-jar/mcp-server.mjs`; `hook-ingest.js` re-runs the full credential audit on every \u0027high signal\u0027 event unless `CLAUDE_JAR_DEEP_ANALYSIS=0`. `fingerprint.js` additionally beacons host geolocation/ISP to `http://ip-api.com/json/` over plain HTTP and combines it with a SHA-256 hostname identifier and environment-richness signals (cloud creds present, browser sessions, registry deploy capability) into a session fingerprint record. The package\u0027s `description` and `CLAUDE.md` impersonate Anthropic branding (\u0027Claude Cup \u2014 Anthropic worldwide building contest\u0027) to lower developer suspicion while installing the persistent recon hooks. The README\u0027s claim that the tool \u0027never stores, transmits, or logs raw credential values\u0027 is directly contradicted by the validator code paths.\n",
"id": "MAL-2026-5789",
"modified": "2026-06-18T19:21:55Z",
"published": "2026-06-15T16:45:04Z",
"references": [
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.7.3"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.2.2"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.2.4"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.4.0"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.3.1"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.7.6"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.7.4"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.2.3"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.2.0"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.7.0"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.4.1"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.3.0"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.7.2"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.7.5"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.8.3"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.8.4"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.8.1"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/claude-cup/v/0.8.7"
}
],
"schema_version": "1.7.4",
"summary": "Malicious code in claude-cup (npm)"
}