PkgRadar

Malware advisory

MAL-2026-3609

Malicious code in forge-jsxy (npm)

7 affected releases in the PkgRadar corpus · published 2026-05-06 · upstream advisory

Affected packages

PackageEcosystemVersionVerdictScanned (UTC)
forge-jsxynpm1.0.121High risk2026-06-03
forge-jsxynpm1.0.120High risk2026-06-03
forge-jsxynpm1.0.108High risk2026-06-03
forge-jsxynpm1.0.107High risk2026-06-03
forge-jsxynpm1.0.105High risk2026-06-03
forge-jsxynpm1.0.92High risk2026-06-03
forge-jsxynpm1.0.91High risk2026-06-03

PkgRadar blocks these releases at the CI gate before they reach your build. Start free or see all advisories.