MAL-2026-3455 Malicious code in @squawk/units (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39aaec9f38434cc7c5012cfde1e1156723d161341b897788e743f6360f369e71 The package @squawk/units was found to contain malicious code. Source: ghsa-malware 464a63d0dfe63cb91f03d50ef10143eae2c9d581998ff6025ba48e18c8d89ed5...

@squawk/airports (>=0.2.0 <=0.6.1), @squawk/airspace (>=0.2.3 <=0.8.0) +7 more potentially affected by unknown CVE via @squawk/units (=0.4.2)

@squawk/units NPM version =0.4.2 is affected by a known vulnerability. The following packages have a transitive dependency on @squawk/units and may be impacted: - @squawk/airports =0.2.0, =0.2.3, =0.2.0, =0.1.0, =0.2.0, =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.4.1 Source cves: unknown CVE Source...

Malicious code in @squawk/flightplan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e10ea8e442eceb45822eebfabfb86917c9a166af2490c6e670da321110d04d47 The package @squawk/flightplan was found to contain malicious code. Source: ghsa-malware...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/flightplan (>=0.3.3 <=0.5.1)

@squawk/flightplan NPM version =0.3.3, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3444...

Malicious code in @squawk/airport-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a12035131eafd29a07572751653f857706ac1b113fcbd498a70f54d96d5276cc The package @squawk/airport-data was found to contain malicious code. Source: ghsa-malware...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airport-data (>=0.4.1 <=0.7.3)

@squawk/airport-data NPM version =0.4.1, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3435...

MAL-2026-3435 Malicious code in @squawk/airport-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a12035131eafd29a07572751653f857706ac1b113fcbd498a70f54d96d5276cc The package @squawk/airport-data was found to contain malicious code. Source: ghsa-malware...

@squawk/mcp (>=0.2.0 <=0.8.13) potentially affected by unknown CVE via @squawk/icao-registry-data (>=0.3.3 <=0.8.3)

@squawk/icao-registry-data NPM version =0.3.3, =0.2.0, =0.8.13 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3447...

MAL-2026-3447 Malicious code in @squawk/icao-registry-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b2e3d9fe7e5b2e36db3f5a5e5b4453685fe4a2993dd0116c25f290e05cce269 The package @squawk/icao-registry-data was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3456 Malicious code in @squawk/weather (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72341a088009d96497c994e0a076b60b00bf65b365831ef16abe360f5c6cf874 The package @squawk/weather was found to contain malicious code. Source: ghsa-malware 71445d30bdef8256424a60e0abf2f5e2ce43b8c7dffa1476bd2ee7001013720...

Malicious code in @squawk/weather (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72341a088009d96497c994e0a076b60b00bf65b365831ef16abe360f5c6cf874 The package @squawk/weather was found to contain malicious code. Source: ghsa-malware 71445d30bdef8256424a60e0abf2f5e2ce43b8c7dffa1476bd2ee7001013720...

MAL-2026-3441 Malicious code in @squawk/fix-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 624b956af551986dc49e0004c6e0c804f3b48f57216b63bb5784c9c236e866da The package @squawk/fix-data was found to contain malicious code. Source: ghsa-malware b47010b41e9098203e9d382c36292a5bfa3c32741fbc916a9a9935f9975fc8...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/procedure-data (>=0.3.3 <=0.7.2)

@squawk/procedure-data NPM version =0.3.3, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKPROCEDUREDATA-16640883...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/icao-registry (>=0.2.3 <=0.5.1)

@squawk/icao-registry NPM version =0.2.3, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKICAOREGISTRY-16640891...

@squawk/airport-data (>=0.2.0 <=0.7.3), @squawk/airports (>=0.2.0 <=0.6.1) +16 more potentially affected by unknown CVE via @squawk/types (>=0.3.1 <=0.8.0)

@squawk/types NPM version =0.3.1, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.3.5 and more Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKTYPES-16640890...

@squawk/airports (>=0.2.0 <=0.6.1), @squawk/airspace (>=0.2.3 <=0.8.0) +7 more potentially affected by unknown CVE via @squawk/units (=0.4.2)

@squawk/units NPM version =0.4.2 is affected by a known vulnerability. The following packages have a transitive dependency on @squawk/units and may be impacted: - @squawk/airports =0.2.0, =0.2.3, =0.2.0, =0.1.0, =0.2.0, =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.4.1 Source cves: unknown CVE Source...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airports (>=0.3.2 <=0.6.1)

@squawk/airports NPM version =0.3.2, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRPORTS-16640888...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/fixes (>=0.1.4 <=0.3.1)

@squawk/fixes NPM version =0.1.4, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKFIXES-16640881...

@squawk/mcp (>=0.2.0 <=0.8.13) potentially affected by unknown CVE via @squawk/icao-registry-data (>=0.3.3 <=0.8.3)

@squawk/icao-registry-data NPM version =0.3.3, =0.2.0, =0.8.13 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKICAOREGISTRYDATA-16640875...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/navaids (>=0.2.4 <=0.4.1)

@squawk/navaids NPM version =0.2.4, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKNAVAIDS-16640884...