npm
Malicious @higherlogic/ocfe @99.9.1
Vulnerability report · Last retrieved from osv.dev July 7, 2026 at 10:17 AM UTC
OSV ID
MAL-2026-6911
Ecosystem
npm
Summary
The OpenSSF Package Analysis project identified '@higherlogic/ocfe' @ 99.9.1 (npm) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity.
Source: ossf-package-analysis (b12a43aa95319a766b8f9e0902338f11012546f1d553480d8c97d7039ad24f98)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.