VDB
KO

MAL-2026-5327

Malicious code in @listings/energy-labels (npm)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: ossf-package-analysis (4df629d1450770515d9dc9346d52b9b728dbaab01bbf64a4bb5c17563dcc6991) The OpenSSF Package Analysis project identified '@listings/energy-labels' @ 99.0.1 (npm) as malicious.

It is considered malicious because:

- The package communicates with a domain associated with malicious activity.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / @listings/energy-labels

No fixed version published yet for @listings/energy-labels (npm). Pin to a known-safe version or switch to an alternative.