@mcpassure/mcp-cnes

MAL-2026-4407

npmmalware5/20/2026
Description

Malicious code in @mcpassure/mcp-cnes (npm)

Indicators of Compromise
SHA256 Hashes (11)
243d5ff1424c2d147ee05781c1889b007eb30e22a190bf6dc3973b676ea697a7
5a54e926f3f7494f960939c9c3cc032323926e23d2fb91e74345de50b4f169f0
5ffdce55d576c5d468af9ede85c7ec08cf49a97e73b0b84e661d9205da28cbc0
c7f24625eec4083d437cdb57d897d500515b89bc2547af86745f5e24499988c4
e896035f96afd1a15ba5b87b4bd1fb08a05f27a033f92d3df23b53858b783fb6
f2bb31316d7d345931d26fb97bf5b9af6444648ce5c6d11940a5e3ec5f4263af
4b97da6ca39a528ed5d2ad3cfd933a07000e5cd2799e68998209ae10c4dfa49f
5e798993ec301866e498d9772ae1ae23b0dd7d0387c892807c8322c268ed0311
5fa0e114f94d215bbeb13ca6c90ac0bd20a0321863ef2a690bf89cb1552f944e
93fb9fe0ecdf56bc9a067617218a654f28dc2b79d0e14d9b5d4c93b3360c81c7
References (11)
https://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.3.1OSVhttps://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.2.2OSVhttps://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.2.7OSVhttps://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.2.1OSVhttps://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.2.9OSVhttps://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.2.8OSVhttps://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.2.4OSVhttps://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.3.0OSVhttps://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.2.5OSVhttps://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.2.6OSVhttps://www.npmjs.com/package/@mcpassure/mcp-cnes/v/0.3.2OSV
Details
Ecosystemnpm
Attack Typemalware
Published5/20/2026
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001