npm

@antv/stat @0.2.2

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC

Malicious

OSV ID

MAL-2026-4086

Ecosystem

npm

Summary

The package @antv/stat was found to contain malicious code.

Source: amazon-inspector (4b9163a15028c98ca75d017e963ed7bcdf9e6bb67fd32dc4a206876346857240)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.