npm
Malicious postcss-property-rollup @0.0.1
Vulnerability report · Last retrieved from osv.dev July 8, 2026 at 7:23 PM UTC
OSV ID
MAL-2026-6684
Ecosystem
npm
Summary
postcss-property-rollup@0.0.1 was scanned with no a static rule matches and no behavioral findings. No exfiltration, install-time fetch-and-execute, silent-relay, credential distribution, backdoor, or dropper patterns were observed in the package contents.
Source: amazon-inspector (acb8d62cdeb6a2c19937f3d02aa6214a23114e4dbc38373e6107c8345c3f1f9f)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.