npm

ecto-spirit-core @3.99.1

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC

Malicious

OSV ID

MAL-2026-2356

Ecosystem

npm

Summary

The package ecto-spirit-core was found to contain malicious code.

Source: amazon-inspector (72d3638a38fd250b18d9b93068dc16f07d03d34e87c361a41069ac57740f2629)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.