OSV Malicious Advisory
scanned 2h ago · by OpenSSF/OSVOpenSSF/OSV advisory MAL-2026-7314 confirms this npm version as malicious. The package was found to contain malicious code or consuming dependency that contains malicious code
Advisory
MAL-2026-7314
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in logfuse (npm)
Details
The package was found to contain malicious code or consuming dependency that contains malicious code
Decision reason
OpenSSF Malicious Packages via OSV confirms logfuse@2.1.6 as malicious (MAL-2026-7314): Malicious code in logfuse (npm)
References
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 High
HighOsv Malicious Advisory