npm
Malicious @dervix/socket.io @4.8.9
Vulnerability report · Last retrieved from osv.dev July 14, 2026 at 9:46 AM UTC
OSV ID
MAL-2026-10475
Ecosystem
npm
Summary
The package was found to contain malicious code or consuming dependency that contains malicious code
Source: amazon-inspector (5c299d96dca6144eec3e8be8770c98430139e9b6b982762da448ef50b7bde06a)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.