Malware advisory

MAL-2026-4533

Malicious code in codebuff-cli (npm)

8 affected releases in the PkgRadar corpus · published 2026-05-22 · upstream advisory

Affected packages

Package	Ecosystem	Version	Verdict	Scanned (UTC)
`codebuff-cli`	npm	`1.1.5`	High risk	2026-06-03
`codebuff-cli`	npm	`1.1.6`	High risk	2026-06-03
`codebuff-cli`	npm	`1.1.4`	High risk	2026-06-03
`codebuff-cli`	npm	`1.1.2`	High risk	2026-06-03
`codebuff-cli`	npm	`1.1.1`	High risk	2026-06-03
`codebuff-cli`	npm	`1.1.0`	High risk	2026-06-03
`codebuff-cli`	npm	`1.0.27`	High risk	2026-06-03
`codebuff-cli`	npm	`1.0.28`	High risk	2026-06-03

PkgRadar blocks these releases at the CI gate before they reach your build. Start free or see all advisories.