npm

prettier_v1 @3.8.5

Vulnerability report · Last retrieved from osv.dev July 9, 2026 at 1:25 AM UTC

Malicious

OSV ID

MAL-2026-5845

Ecosystem

npm

Summary

Package name 'prettier_v1' closely resembles the widely-used 'prettier' formatter package, a classic typosquat naming pattern. The file lib/mirror.js contains a Buffer.from(..., 'base64').toString('utf8') decode primitive at line 16, which is commonly used to obscure embedded payloads. Tracing of the decoded content and its downstream use (whether it is passed to eval/exec, written to disk, or executed) was not completed, so the actual installer-side impact has not been confirmed. The combination of a typosquat-shaped name plus a base64 decode in a file named 'mirror.js' warrants human review before this package is allowed into installer environments.

Source: amazon-inspector (1ae1d77d25db3af85295c48a446f6c0f2f65252ea2483c45ce81df12c75b1fcb)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.