npm

rhynpm @1.0.4

Vulnerability report · Last retrieved from osv.dev July 16, 2026 at 12:54 AM UTC

Malicious

OSV ID

MAL-2025-32206

Ecosystem

npm

Summary

The package rhynpm was found to contain malicious code. --- Credit: [OpenSSF](https://github.com/ossf/malicious-packages) ([source](https://github.com/ossf/malicious-packages/blob/a9c5c026063beff48b794797f7b4d649cc67a034/osv/malicious/npm/rhynpm/MAL-2025-32206.json))

Source: ghsa-malware (32a726fb973a63bc1df07539cc817c5ded4ff281cd76ba9b7193b154578ad938)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.