typescript-base58 @1.0.0
Vulnerability report · Last retrieved from osv.dev July 9, 2026 at 1:25 AM UTC
OSV ID
MAL-2026-6925
Ecosystem
npm
Summary
typescript-base58@1.0.0 is a one-line re-export of the 'base58-core' package. The README advertises 'Zero dependencies' while package.json declares a runtime dependency on base58-core (^1.0.0), so installing this package silently introduces base58-core into the installer's dependency tree under a misleading description. The shim itself performs no install-time or import-time actions beyond the re-export; it contains no lifecycle scripts, no network calls, no credential reads, and no obfuscation. The installer-side risk is entirely contingent on the contents of base58-core, which is not analyzed in this record.
Source: amazon-inspector (b860a9c4960f55c236ca5e14781f5dcfb60752d4367cb9aeb30762d3b023004e)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.