PkgRadar

Malware advisory

MAL-2026-4592

Malicious code in jsontoken-extend (npm)

3 affected releases in the PkgRadar corpus · published 2026-05-25 · upstream advisory

Affected packages

PackageEcosystemVersionVerdictScanned (UTC)
jsontoken-extendnpm1.0.11High risk2026-06-23
jsontoken-extendnpm1.0.12High risk2026-06-23
jsontoken-extendnpm1.0.13High risk2026-06-22

PkgRadar blocks these releases at the CI gate before they reach your build. Start free or see all advisories.

MAL-2026-4592 — malicious package advisory | PkgRadar