Malicious package: mermaid-v11 (npm)

Malicious code in mermaid-v11 (npm). Remove it immediately and rotate any exposed credentials.

MAL-2026-5539
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall mermaid-v11

What this malware does

The package impersonates the legitimate mermaid diagramming library (name mermaid-v11, bogus version 9999.0.2, description 'Mermaid v11 diagramming library') and ships no library code — only a malicious preinstall lifecycle hook. On npm install, package.json line 6 runs node -e that reads require('os').hostname() and the OS username and beacons them out-of-band to an attacker-controlled Interactsh endpoint via two channels: an HTTPS GET to https://d8l0dj5t5p5il86s3d3gepriqucsnn1nd.oast.me/?h=<hostname>&u=<username>&pkg=mermaid-v11, and a DNS lookup of mermaid-v11.<hostname>.d8l0dj5t5p5il86s3d3gepriqucsnn1nd.oast.me to leak the hostname through the resolver chain. The behavior fires automatically on default install with no user interaction, harvesting installer host identifiers for an attacker-controlled OAST listener.

The OpenSSF Package Analysis project identified 'mermaid-v11' @ 9999.0.2 (npm) as malicious.

It is considered malicious because:

  • The package communicates with a domain associated with malicious activity.

Malicious versions

3 flagged: 9999.0.0, 9999.0.1, 9999.0.2

Indicators of compromise (SHA-256)

003edde2881c4b52d0a0ae821b81083c569fc8bf9ef236a216c82054e2cb3b4f
e09f1e6e06b756c14d4bf0c26e54a82093ee00a8b8190974088973cb664aada7
334e4086eca8d2c76ec7ba03c6e47af121ed5ef043b0e4bf30db86248d064467
416d5c5ab1bc70076021520f20e67c3c52a81b74832379e19012fa2f6526c469
5ef3e485f7b13c78c745d0e7165199eacb142cb62da22b44eaa51460474f10b9
c3188d09fdd69443609241a8e3baac0c120837170b801b7eaa7ad2c0f5b5808a
e00db32b40228301a09dc2a6245bca93536d909e4e8e5b8c1d207586337947df
ed2c7d1b0095d1d538c4302304b30a940efd8cb6c0de4ae28e09f76ef7de6a25

Frequently asked questions

No. mermaid-v11 on npm has been identified as a malicious package (versions 9999.0.0, 9999.0.1, 9999.0.2 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

  • IN-MAL-2026-005359
  • IN-MAL-2026-005358
  • IN-MAL-2026-005360
  • IN-MAL-2026-005364
  • IN-MAL-2026-005361
  • IN-MAL-2026-005365

Credits

  • Amazon Inspector · finder
  • OpenSSF: Package Analysis · finder

mermaid-v11 (npm) malicious package — MAL-2026-5539 | O3 Security