npm
Malicious @antv/color-util @2.2.6
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC
OSV ID
MAL-2026-3862
Ecosystem
npm
Summary
The package @antv/color-util was found to contain malicious code.
Source: amazon-inspector (780e332c3d8bbe0b2f28a2cd11e2ca7073c36d95d89372b5d53edbc41a527462)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.