VDB

GCVE-110-OSM-2026-1313

GCVE-110-OSM-2026-1313
Advisory PublishedCVSS 9.6/10
Vulnetix · Advisory published April 2, 2026
APT malware detected: chai-max. Associated with threat actor(s): DPRK/Lazarus. Payload: latinum_wallet_mcp/server_sse.py Secondary files: latinum_wallet_mcp/server_stdio.py, latinum_wallet_mcp-0.0.36.dist-info/RECORD Key findings: - Chai-Max Wallet Theft Indicators in latinum_wallet_mcp/server_sse.py: "solana_wallet_mcp import build_mcp_wallet" - Chai-Max Wallet Theft Indicators in latinum_wallet_mcp/server_stdio.py: "solana_wallet_mcp import build_mcp_wallet" - Chai-Max Wallet Theft Indicators in latinum_wallet_mcp-0.0.36.dist-info/RECORD: "solana_wallet" - IP Lookup Service in latinum_wallet_mcp/utils.py: "ipapi.co" IOCs: - urls: https://api.mainnet-beta.solana.com, https://facilitator.latinum.ai/api/hackathon, https://facilitator.latinum.ai/api/pay, https://facilitator.latinum.ai, https://explorer.solana.com/tx/{signature (+6 more) - domains: logging.INFO, api.mainnet-beta.solana.com, logging.info, explorer.solana.com, ipapi.co (+2 more) - emails: dennj@latinum.ai - payloadFileHash: 093d3e79a28b0b20937bb2094a9053ba1676dce1715e6434791d32d66a2ad78b

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknownlatinum-wallet-mcpall (affected)

References

advisory
vendor

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›