npm

player-button @100.0.0

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC

Malicious

OSV ID

MAL-2026-1818

Ecosystem

npm

Summary

The package player-button was found to contain malicious code.

Source: amazon-inspector (7ef576512d757081a6ffcf3225a09220078dde23b0825b516ee210f6bf1b0c94)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.