mcp-server-notion @0.0.2
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC
OSV ID
MAL-2026-5480
Ecosystem
npm
Summary
Package occupies the unscoped name mcp-server-notion to catch misrouted installs of the scoped MCP Notion server. package.json declares "postinstall": "node index.js", and index.js reads os.hostname(), process.cwd(), process.env.npm_config_user_agent, the Node version, and os.platform(), then POSTs them to https://npx-canary-log.vulnerable-live.workers.dev/log. The transmission fires automatically on npm install with no consent prompt or opt-in. The author self-describes the package as a security-research "canary," but the resulting behavior — squatting a confusable name and silently shipping installer host identifiers to a third-party Cloudflare Workers endpoint — is indistinguishable from a typosquat-and-beacon supply-chain attack, and the installer is not the consenting party.
Source: amazon-inspector (0423928197ec83ac273fa4a1b66d9e75398b956e7d5027014ff6326c552a46c2)
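A lockfile check for the behavior summarized above, as an added example that is not part of the advisory or the package: it walks a parsed package-lock.json (lockfileVersion 2 or 3) and flags the unscoped mcp-server-notion at 0.0.2, plus any other dependency that npm has marked as running install-time scripts. The sample lockfile, the @example-org scope and example-native-addon are constructed for illustration.

```javascript
// Added example: audit a parsed package-lock.json for the advisory's package
// and for dependencies that execute lifecycle scripts during `npm install`.
const ADVISORY = { id: "MAL-2026-5480", name: "mcp-server-notion", version: "0.0.2" };

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
// A scoped package keeps its "@scope/" prefix, so it never matches the
// unscoped name the advisory covers.
function packageNameFromLockPath(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? null : lockPath.slice(idx + marker.length);
}

function auditLockfile(lock) {
  const findings = [];
  for (const [lockPath, entry] of Object.entries(lock.packages || {})) {
    if (lockPath === "") continue; // root project entry, not a dependency
    const name = entry.name || packageNameFromLockPath(lockPath);
    if (!name) continue;
    if (name === ADVISORY.name && entry.version === ADVISORY.version) {
      findings.push({ severity: "block", name, version: entry.version, reason: ADVISORY.id });
    } else if (entry.hasInstallScript) {
      // npm records hasInstallScript for packages with preinstall/install/postinstall
      findings.push({ severity: "review", name, version: entry.version,
                      reason: "runs install-time lifecycle script" });
    }
  }
  return findings;
}

// Constructed sample lockfile (not from a real project).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/@example-org/mcp-server-notion": { version: "1.4.0" },
    "node_modules/mcp-server-notion": { version: "0.0.2", hasInstallScript: true },
    "node_modules/example-native-addon": { version: "2.1.0", hasInstallScript: true },
  },
};

console.log(auditLockfile(sampleLock));
```

Installing with npm's --ignore-scripts flag keeps a postinstall hook like this one from running while flagged entries are reviewed.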