Malware advisory

MAL-2026-2920

Malicious code in buffer-util-extend (npm)

3 affected releases in the PkgRadar corpus · published 2026-04-14 · upstream advisory

Affected packages

Package	Ecosystem	Version	Verdict	Scanned (UTC)
`buffer-util-extend`	npm	`0.0.1-security`	High risk	2026-06-03
`buffer-util-extend`	npm	`1.0.11`	High risk	2026-05-27
`buffer-util-extend`	npm	`1.0.13`	High risk	2026-05-27

PkgRadar blocks these releases at the CI gate before they reach your build. Start free or see all advisories.