VDB
GCVE-110-OSM-2025-36
GCVE-110-OSM-2025-36
Advisory PublishedCVSS 8.8/10
PolinRider upstream injection attempt. Compromised developer finom (172 followers, 14-year-old legitimate GitHub account) submitted PR #363 which injected PolinRider malware payload into project files. PR was caught and closed without merging.
Attack type: PR-based upstream injection. Target: omar-dulaimi/prisma-zod-generator (popular Prisma Zod generator). PR: https://github.com/omar-dulaimi/prisma-zod-generator/pull/363. Author: finom (compromised - 172 followers, 90 repos, account since 2011). Status: CLOSED. Signature: rmcej otb 2857687. C2: trongrid.io. Notable: Attacker used a high-reputation compromised account for credibility.
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
8.8/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected) | — |
References
Malicious package:
advisory
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.