CVE-2017-16069 (v3: 7.5)
7 Jun 2018
nodeffmpeg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.