npm
Malicious express-session-js @1.0.0
Vulnerability report · Last retrieved from osv.dev July 7, 2026 at 1:17 AM UTC
OSV ID
MAL-2026-2419
Ecosystem
npm
Summary
The package express-session-js was found to contain malicious code.
Source: amazon-inspector (853f35820c1bfb3bd8be7548debc48dbf86de52a43e91d7b586a9b1ce86a54c7)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.