{"id":"MAL-2026-3049","summary":"Malicious code in classlink (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (82421cd03a138ada09a2a108b340c2ab748bbf0774a84b4f11bce5a57469d830)\nThe OpenSSF Package Analysis project identified 'classlink' @ 2.0.1 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2026-04-26T18:33:13.319904Z","published":"2026-04-26T17:10:32Z","database_specific":{"malicious-packages-origins":[{"sha256":"82421cd03a138ada09a2a108b340c2ab748bbf0774a84b4f11bce5a57469d830","versions":["2.0.1"],"modified_time":"2026-04-26T17:10:32Z","source":"ossf-package-analysis","import_time":"2026-04-26T17:18:09.419656964Z"},{"sha256":"debbaff3b3ee5fc5a533eb4cb9e524249a27fd8f620e62cdbad2c41496e4bd3a","versions":["2.0.0"],"modified_time":"2026-04-26T17:20:37Z","source":"ossf-package-analysis","import_time":"2026-04-26T17:47:15.669485271Z"},{"sha256":"5148515e90fd48786beba5126f32886c22dfa95a98a5e7d2e8ff2cc7084d3728","versions":["2.0.3"],"modified_time":"2026-04-26T18:05:49Z","source":"ossf-package-analysis","import_time":"2026-04-26T18:19:59.996495176Z"},{"sha256":"aeed628f4d299f7316e5298bae314385cc7e1a19ca4ede4f990ba4fb44e9f046","versions":["2.0.2"],"modified_time":"2026-04-26T17:55:44Z","source":"ossf-package-analysis","import_time":"2026-04-26T18:19:59.843692537Z"}]},"affected":[{"package":{"name":"classlink","ecosystem":"npm","purl":"pkg:npm/classlink"},"versions":["2.0.1","2.0.0","2.0.3","2.0.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/classlink/MAL-2026-3049.json"}}],"schema_version":"1.7.5","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}