multer-express @2.1.1
Vulnerability report · Last retrieved from osv.dev July 9, 2026 at 1:25 AM UTC
OSV ID
MAL-2026-6387
Ecosystem
npm
Summary
Package name 'multer-express' is similar to the widely used 'multer' middleware for Express. No malicious code patterns, install-time hooks, or exfiltration behaviors were identified in the package contents. Name-similarity alone is a subjective signal and may indicate an unrelated derivative, fork, or beginner package rather than an attack. Routing to human review for name-confusion assessment.
Source: amazon-inspector (50b4df9cf15644bbea3ed944cbf168fdbad1619d0c3e10fff653b0d48c10bbb3)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.