VDB

GCVE-110-NPM-2026-032726

GCVE-110-NPM-2026-032726
Advisory Published
Vulnetix · Advisory published July 8, 2026
[IOC-STIX-MATCH] Malicious domain api.anthropic.com — referenced in @otoji/core/scripts.js — matched: const ANTHROPIC_URL = "https://api.anthropic.com/v1/messages";

Weaknesses (CWE)

CWE-506Embedded Malicious CodeCWE-200Exposure of Sensitive Information to an Unauthorized Actor

Affected Products

VendorProductVersionsPlatforms
npm@otoji/core* (affected)

References

advisory
web

Browse GCVE Records

73,161 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›