VDB
GCVE-110-OSM-2021-9
GCVE-110-OSM-2021-9
Advisory PublishedCVSS 8.8/10
Malicious Docker Hub image containing XMRig Monero cryptominer. Part of a campaign involving 30 malicious images across 10 Docker Hub accounts with over 20 million total pulls, generating approximately USD 200,000 in illicit Monero mining profits.
Docker image embeds XMRig cryptocurrency miner that activates on container startup. The image is designed to abuse cloud container infrastructure for unauthorized Monero mining. Mining pool credentials are embedded in the image configuration.
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
8.8/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | xmrigdocker/docker2 | all (affected) | — |
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.