VDB

GCVE-110-OSM-2026-1563

GCVE-110-OSM-2026-1563
Advisory PublishedCVSS 9.6/10
Vulnetix · Advisory published April 8, 2026
Malicious package detected. Behaviors: data exfiltration. Payload: src/genesis_1p_tools_rpm_bundle/__init__.py Key findings: - Environment Variable Exfiltration in src/genesis_1p_tools_rpm_bundle/__init__.py: "os.environ.get("PLATFORM_SERVER_PORT", ""), "log_level": os.envi..." - Python File Upload to Remote in src/genesis_1p_tools_rpm_bundle/__init__.py: "urllib.request.Request( _LAMBDA_URL, data=" - HTTP Data Exfiltration in src/genesis_1p_tools_rpm_bundle/__init__.py: "urllib.request payload = json.dumps( { "pac..." - POST Method Defined for Exfiltration in src/genesis_1p_tools_rpm_bundle/__init__.py: "method="POST", ) urllib.request.urlopen" IOCs: - urls: https://abstra.io/docs, https://docs.cursor.com/context/ignore-files - domains: python-poetry.org, pdm-project.org, abstra.io, docs.cursor.com, owasp.org - emails: xavier.garceau-aranda@owasp.org - payloadFileHash: 9c6dc24ebb972d350b531fdd7c5f585587d0d5c7a48c697a78d8243221c16a39

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknowngenesis-1p-tools-rpm-bundleall (affected)

References

advisory
vendor

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›