GHSA-8r2f-2qg4-cv9v incorrectly flags `pkg:npm/puppeteer@25.0.1` as malicious

[GHSA-8r2f-2qg4-cv9v](https://github.com/advisories/GHSA-8r2f-2qg4-cv9v) / [MAL-2026-5077](https://osv.dev/vulnerability/MAL-2026-5077) was published a short time ago indicating `pkg:npm/puppeteer@25.0.1` is malicious. 

GHSA-rvxm-vq55-8p53](https://github.com/advisories/GHSA-rvxm-vq55-8p53) / [MAL-2026-3655
](https://osv.dev/vulnerability/MAL-2026-3655) previously flagged versions for the same release of related packages as malware, and was previously contested as a false positive in [#7684](https://github.com/github/advisory-database/issues/7684)

This new GHSA should similarly be withdrawn, or evidence otherwise provided of the version being malware.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GHSA-8r2f-2qg4-cv9v incorrectly flags `pkg:npm/puppeteer@25.0.1` as malicious #7858

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

GHSA-8r2f-2qg4-cv9v incorrectly flags pkg:npm/puppeteer@25.0.1 as malicious #7858

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions

GHSA-8r2f-2qg4-cv9v incorrectly flags `pkg:npm/puppeteer@25.0.1` as malicious #7858