VDB

GCVE-110-OSM-2026-1319

GCVE-110-OSM-2026-1319
Advisory PublishedCVSS 9.6/10
Vulnetix · Advisory published April 2, 2026
Malicious package detected. Behaviors: code execution, obfuscated code. Payload: eth_account/account.py Key findings: - Base64 Decoded Eval in eth_account/account.py: "exec(base64.b64decode" - Python Exec with Encoded Content in eth_account/account.py: "exec(base64.b64decode" - Cryptocurrency Wallet Theft in eth_account/account.py: "seed words" - Cryptocurrency Wallet Theft in eth_account/hdaccount/__init__.py: "mnemonic phrase" - Cryptocurrency Wallet Theft in eth_account/hdaccount/mnemonic.py: "mnemonic phrase" IOCs: - urls: https://eips.ethereum.org/EIPS/eip-191, https://eips.ethereum.org/EIPS/eip-712, https://eips.ethereum.org/EIPS/eip-7702, http://www.pydocstyle.org/en/3.0.0/error_codes.html, https://en.bitcoin.it/wiki/BIP_0032_TestVectors (+5 more) - domains: ethereum.org, eips.ethereum.org, MANIFEST.in, www.pydocstyle.org, gopkg.in (+10 more) - emails: snakecharmers@ethereum.org - ethereumAddresses: 0x5ce9454909639D2D17A3F753ce7d93fa0b9aB12E, 0x9AdA5dAD14d925f4df1378409731a9B71Bc8569d, 0x61Cc15522D06983Ac7aADe23f9d5433d38e78195, 0x1240460F6E370f28079E5F9B52f9DcB759F051b7, 0xd30dC9f996539826C646Eb48bb45F6ee1D1474af (+45 more) - sha256Hashes: cb636716a9fd46adbb31832d964df2082536edd5399a3393327dc89b0193a2be, 4f626ec5e7fea391b2229348a65bfef532c2a4e8372c0a6a814505a350a7689d, 4646464646464646464646464646464646464646464646464646464646464646, c85ef7d79691fe79573b1a7064c19c1a9819ebdbd1faaab1a8ec92344438aaf4, c87f65ff3f271bf5dc8643484f66b200109caffe4bf98c4cb393dc35740b28c0 (+45 more) - telegramBots: api.telegram.org/bot8314712768:AAEtOvqHBnagDn1ukdMmkL7IzEYG91ljc2s - payloadFileHash: 6e787ab4a3c48939fa13077c7918d7b1a2dd2a95f0c7434621218d3e6858c29e Decoded/deobfuscated IOCs: - urls: https://api.telegram.org/bot8314712768:AAEtOvqHBnagDn1ukdMmkL7IzEYG91ljc2s/sendMessage - domains: api.telegram.org - telegramBots: api.telegram.org/bot8314712768:AAEtOvqHBnagDn1ukdMmkL7IzEYG91ljc2s

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknownether-accountall (affected)

References

advisory
vendor

Browse GCVE Records

73,118 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›