npm package
puppeteer
pkg:npm/puppeteer
Malware
2 malicious versions on record
One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.
- MAL-2026-5077Malicious code in puppeteer (npm)May 29, 2026
- GHSA-8r2f-2qg4-cv9vWithdrawn Advisory: Malware in puppeteerMay 29, 2026
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-5786 | — | KEV | < 1.13.0 | 1.13.0 | Jun 27, 2019 | Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. |
- affected < 1.13.0fixed 1.13.0
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.