npm

nodemon-async @3.1.13

Vulnerability report · Last retrieved from osv.dev July 14, 2026 at 9:46 AM UTC

Malicious

OSV ID

MAL-2026-10454

Ecosystem

npm

Summary

The package was found to contain malicious code or consuming dependency that contains malicious code

Source: amazon-inspector (adb05cacc2c6d1059d9ee1d433398f8e39314ce83aed1429582e5fbb47e8f13a)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.