npm

confluent-kafka-javascript @0.0.1

Vulnerability report · Last retrieved from osv.dev July 8, 2026 at 7:23 PM UTC

Malicious

OSV ID

MAL-2026-6682

Ecosystem

npm

Summary

Analysis of this package version produced no static indicator and no traced behavioral findings. The tarball does not exhibit lifecycle-script droppers, credential reads, environment scraping, hardcoded attacker network destinations, or other installer-harm patterns. With no concrete evidence of exfiltration, install-time remote code execution, silent-relay, or backdoor mechanisms in this version's content, there is no basis to block or escalate.

Source: amazon-inspector (e20f9433c5da4c3ee143c33ec2a876e07ff01aa1188d0efa783858bcd0903d3c)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.