npm package
node-ipc
pkg:npm/node-ipc
Malware
2 malicious versions on record
One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.
- GHSA-pvh2-rg5g-69v7Malware in node-ipcMay 29, 2026
- MAL-2026-3744Malicious code in node-ipc (npm)May 14, 2026
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-23812 | — | >= 10.1.1, < 10.1.3 | 10.1.3 | Mar 16, 2022 | This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code |
- CVE-2022-23812Mar 16, 2022affected >= 10.1.1, < 10.1.3fixed 10.1.3
This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code