npm
Malicious onewin-landing @99.0.0
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC
OSV ID
MAL-2026-2652
Ecosystem
npm
Summary
The package onewin-landing was found to contain malicious code.
Source: amazon-inspector (38fa6b80b5e487a83f8ed1eccfcc9d4bbb5d460deb678e1106aea26439c11f24)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.