Look up vulnerabilities affecting packages (one record per vulnerability, with affected and fixed package PURLs, aliases and references).

GET /api/vulnerabilities/21626?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21626?format=api",
    "vulnerability_id": "VCID-16f4-wee5-mqej",
    "summary": "@posthog/sendgrid-plugin contains malware after npm account takeover\nOn November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package version contains malicious code that attempts to harvest credentials and to infect GitHub and npm repositories. The malicious code runs during the package's pre-install phase, i.e. at install time and before any application code imports the package, so merely installing the affected version is enough to be compromised. It attempts to harvest credentials for popular online services from the host it runs on. Remediation: treat any machine or CI runner that installed the affected version as compromised; rotate every credential that was present on it (in particular npm and GitHub tokens, since the malware targets those ecosystems); clear the npm cache; delete the node_modules directory; and roll all dependencies back to known-good versions published before the attack.",
    "aliases": [
        {
            "alias": "GMS-2025-751"
        }
    ],
    "fixed_packages": [],
    "affected_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/71360?format=api",
            "purl": "pkg:npm/%40posthog/sendgrid-plugin@0.0.8",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-16f4-wee5-mqej"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540posthog/sendgrid-plugin@0.0.8"
        }
    ],
    "references": [
        {
            "reference_url": "https://about.gitlab.com/blog/gitlab-discovers-widespread-npm-supply-chain-attack/",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://about.gitlab.com/blog/gitlab-discovers-widespread-npm-supply-chain-attack/"
        },
        {
            "reference_url": "https://socket.dev/blog/shai-hulud-strikes-again-v2",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://socket.dev/blog/shai-hulud-strikes-again-v2"
        },
        {
            "reference_url": "https://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attack",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attack"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 506,
            "name": "Embedded Malicious Code",
            "description": "The product contains code that appears to be malicious in nature."
        }
    ],
    "exploits": [],
    "severity_range_score": null,
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-16f4-wee5-mqej"
}