npm
Malicious @citi-icg-171632/citicms-repo-component @99.9.1
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC
OSV ID
MAL-2026-4256
Ecosystem
npm
Summary
The OpenSSF Package Analysis project identified '@citi-icg-171632/citicms-repo-component' @ 99.9.1 (npm) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity.
Source: ossf-package-analysis (88e5400167d9962139f78098013ac4e5eadeeaa76b8916ba246c5f6b2093f508)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.