diff --git a/.github/ioc-candidates/review/osv-29329808137.json b/.github/ioc-candidates/review/osv-29329808137.json new file mode 100644 index 00000000..7e5a80ce --- /dev/null +++ b/.github/ioc-candidates/review/osv-29329808137.json @@ -0,0 +1,76 @@ +[ + { + "ecosystem": "npm", + "ioc_type": "package_name", + "value": "@vite-mcp/vite-type", + "confidence": "high", + "reason": "Malicious code in @vite-mcp/vite-type (npm)", + "source": "https://osv.dev/vulnerability/MAL-2026-10525", + "first_seen": "2026-07-14", + "suggested_action": "block", + "promote_to": "watch_only", + "blacklist_id": "MAL-2026-10525", + "affected_versions": [ + "6.44.1" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "notes": "OSV-confirmed malicious package (MAL-2026-10525). Reported by: amazon-inspector, Amazon Inspector. Review affected versions before promoting to AS-008." + }, + { + "ecosystem": "npm", + "ioc_type": "package_name", + "value": "claude-team-tracker", + "confidence": "high", + "reason": "Malicious code in claude-team-tracker (npm)", + "source": "https://osv.dev/vulnerability/MAL-2026-10473", + "first_seen": "2026-07-13", + "suggested_action": "block", + "promote_to": "watch_only", + "blacklist_id": "MAL-2026-10473", + "affected_versions": [ + "1.2.0", + "1.2.1", + "1.2.2" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "notes": "OSV-confirmed malicious package (MAL-2026-10473). Reported by: amazon-inspector, Amazon Inspector. Review affected versions before promoting to AS-008." + }, + { + "ecosystem": "npm", + "ioc_type": "package_name", + "value": "polymarket-mcp-v2", + "confidence": "high", + "reason": "Malicious code in polymarket-mcp-v2 (npm)", + "source": "https://osv.dev/vulnerability/MAL-2026-10481", + "first_seen": "2026-07-13", + "suggested_action": "block", + "promote_to": "watch_only", + "blacklist_id": "MAL-2026-10481", + "affected_versions": [ + "2.1.6" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "notes": "OSV-confirmed malicious package (MAL-2026-10481). Reported by: amazon-inspector, Amazon Inspector. Review affected versions before promoting to AS-008." + }, + { + "ecosystem": "npm", + "ioc_type": "package_name", + "value": "proxy-seller-mcp", + "confidence": "high", + "reason": "Malicious code in proxy-seller-mcp (npm)", + "source": "https://osv.dev/vulnerability/MAL-2026-10541", + "first_seen": "2026-07-14", + "suggested_action": "block", + "promote_to": "watch_only", + "blacklist_id": "MAL-2026-10541", + "affected_versions": [ + "0.1.7" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "notes": "OSV-confirmed malicious package (MAL-2026-10541). Reported by: amazon-inspector, Amazon Inspector. Review affected versions before promoting to AS-008." + } +]