Malicious code in new-partial (npm)

The package new-partial was found to contain malicious code...

bud (>=0.0.0 <=0.1.2), declarative-js (>=0.0.0 <=0.0.2) +3 more potentially affected by unknown CVE via new-partial (=0.0.1)

new-partial NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on new-partial and may be impacted: - bud =0.0.0, =0.0.0, =0.0.1, =0.0.0, =0.0.4 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27364...

MAL-2025-27364 Malicious code in new-partial (npm)

The package new-partial was found to contain malicious code...