npm
Malicious @gleamkit/socket.io @4.8.8
Vulnerability report · Last retrieved from osv.dev July 14, 2026 at 9:46 AM UTC
OSV ID
MAL-2026-10477
Ecosystem
npm
Summary
The package was found to contain malicious code or consuming dependency that contains malicious code
Source: amazon-inspector (1d6a306142d74b2781d66322adf2bc1b9898bfdb8e1814d2cb511c3e49b75c13)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.