PT-2025-37747 · Npm · Color-Convert

Qix- · Published 2025-09-08 · Updated 2025-09-20 · CVE-2025-59162

CVSS v4.0: 8.8 (High)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:A/U:Red
Name of the Vulnerable Software and Affected Versions: color-convert versions prior to 3.1.2

Description: The npm package color-convert was compromised through a phishing attack on the publishing account. A malicious version (3.1.1) was published containing a payload designed to redirect cryptocurrency transactions in browser environments. Local, server-side, and command-line applications are not affected. The malware specifically targets cryptocurrency transactions and wallets such as MetaMask. The compromised version was removed from the npm registry, and new patch versions were published to assist users running private registries.

Recommendations: Update to version 3.1.2. Completely remove the node_modules directory. Clean the package manager's global cache. Rebuild any browser bundles from scratch. If you operate a private registry or registry mirror, purge the compromised version from its caches.
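Added example, not code from this advisory or from the color-convert project: a Node script that walks a parsed package-lock.json, reports every installed copy of color-convert inside the advisory's affected range (below 3.1.2), and marks the compromised 3.1.1 release so it can be checked before node_modules and caches are purged. The lockfile it runs on is a constructed sample; point findAffected at your own parsed lockfile in practice.

```javascript
// Added example, not the advisory's or the color-convert project's code:
// scan a parsed package-lock.json for color-convert copies in the advisory's
// affected range (< 3.1.2) and mark the compromised release 3.1.1.
const PKG = "color-convert";
const FIXED = [3, 1, 2];   // first patched version named in the advisory
const MALICIOUS = "3.1.1"; // the compromised release
// "MAJOR.MINOR.PATCH" -> [major, minor, patch]; null when malformed.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1, 4).map(Number) : null;
}
// True when version sorts numerically below FIXED ("3.1.10" is not affected).
function isAffected(version) {
  const p = parseVersion(version);
  if (!p) return false;
  for (let i = 0; i < 3; i++) if (p[i] !== FIXED[i]) return p[i] < FIXED[i];
  return false;
}
// Lockfile v2/v3 keep a flat "packages" map keyed by install path, so nested
// copies (node_modules/chalk/node_modules/color-convert) are listed too;
// lockfile v1 nests a "dependencies" tree. Returns one finding per copy.
function findAffected(lock) {
  const findings = [];
  const record = (path, version) => {
    if (isAffected(version)) findings.push({ path, version, malicious: version === MALICIOUS });
  };
  if (lock.packages) {
    for (const [path, entry] of Object.entries(lock.packages)) {
      if (path.endsWith(`node_modules/${PKG}`)) record(path, entry.version);
    }
    return findings;
  }
  const walk = (deps, prefix) => {
    for (const [name, entry] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (name === PKG) record(path, entry.version);
      walk(entry.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, "");
  return findings;
}
// Constructed sample lockfile (v3 shape), not taken from any real project.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  "node_modules/color-convert": { version: "3.1.1" },
  "node_modules/chalk/node_modules/color-convert": { version: "2.0.1" },
  "node_modules/other-pkg": { version: "3.1.1" } } };
for (const f of findAffected(SAMPLE_LOCK)) {
  console.log(`${f.path}@${f.version}${f.malicious ? "  <- compromised release" : ""}`);
}
```

A lockfile only shows what was resolved; rebuild browser bundles after remediation, since a bundle built while 3.1.1 was installed still carries the payload.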

Related Identifiers:

CVE-2025-59162
GHSA-CH7M-M9RF-8GVV
GHSA-PXX3-G568-HXR4
MAL-2025-46971

Affected Products:

Color-Convert