npm

@vwfs-its/sf-sac-frontend @20.1.1

Vulnerability report · Last retrieved from osv.dev July 8, 2026 at 12:22 PM UTC

Malicious

OSV ID

MAL-2026-6972

Ecosystem

npm

Summary

The OpenSSF Package Analysis project identified '@vwfs-its/sf-sac-frontend' @ 20.1.1 (npm) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity. - The package executes one or more commands associated with malicious behavior.

Source: ossf-package-analysis (2e08b57aacea0c5dcc883413eddf7737e7a45fa2c21bd5381d4e80235b3ef182)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.