npm
Malicious nodemon-sync @3.1.13
Vulnerability report · Last retrieved from osv.dev July 15, 2026 at 9:54 PM UTC
OSV ID
MAL-2026-10468
Ecosystem
npm
Summary
The package was found to contain malicious code or consuming dependency that contains malicious code
Source: amazon-inspector (bf8b1d5b3dd215c6c8d726b73ad11fbb29e7285da9a7e88854552931f750d437)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.