PkgRadar

Composer · packagist.org

lansd/ldlib

Php Base64 Eval Chain: base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload.

Why PkgRadar flagged 0.23.0

SeveritySignalEvidence
highPhp Base64 Eval Chainbase64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · Lans-D-99-LDLib-ae0489f/src/Swoole/WSServer.php
highPhp Shell With Decodeexec / system / shell_exec combined with base64/hex decode. · Lans-D-99-LDLib-ae0489f/src/Swoole/WSServer.php
mediumRemote Payloadmatched "CURL " · Lans-D-99-LDLib-ae0489f/src/AWS.php
mediumRemote Payloadmatched "api.github.com/graphql" · Lans-D-99-LDLib-ae0489f/src/Git/Github.php
mediumRemote Payloadmatched "CURL " · Lans-D-99-LDLib-ae0489f/src/PostHog.php

Scanned versions

VersionVerdictScoreScanned (UTC)
0.23.0High risk582026-06-13

Block this in CI

PkgRadar gates lansd/ldlib (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer lansd/[email protected]
Start free — 25 scans / moView full evidence