Logo
npm

vue-demi-fix @10.0.4

Vulnerability report · Last retrieved from osv.dev June 30, 2026 at 11:01 PM UTC

Malicious

OSV ID

MAL-2026-6702

Ecosystem

npm

Summary

The OpenSSF Package Analysis project identified 'vue-demi-fix' @ 10.0.4 (npm) as malicious. It is considered malicious because: - The package executes one or more commands associated with malicious behavior.

Source: ossf-package-analysis (8fd5381cd4364444dac8d64b33e317c526ef52948ebfb9d10e11ec0909b7d383)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.

SEE HACKTRON REVIEW → SCAN DEPENDENCIES