VDB
GCVE-110-OSM-2026-2485
GCVE-110-OSM-2026-2485
Advisory PublishedCVSS 5.4/10
Suspicious package detected. Behaviors: code execution, obfuscated code.
Payload: pypi/wallycore@1.5.3/src/secp256k1/src/tests.c
IOCs:
- ipv4: 8.1.3.5, 8.1.2.2, 8.1.3.4
- urls: https://wally.readthedocs.io., http://www.swig.org/, https://elementsproject.org/, https://blockstream.com/liquid/, http://ltp.sourceforge.net/coverage/lcov.php (+28 more)
- domains: autogen.sh, www.swig.org, libpython.so, elementsproject.org, blockstream.com (+45 more)
- emails: peda@lysator.liu.se, tromey@cygnus.com, oliva@dcc.unicamp.br, gord@gnu.ai.mit.edu, pinard@iro.umontreal.ca
- bitcoinAddresses: bc1qrp33g0q5c5txsp9arysrx4k6zdkfs4nce4xj0gdcccefvpysxf3qccfmv3, 1cMh228HTCiwS8ZsaakH8A8wze1JR5ZsP, bc1q0ht9tyks4vh7p5p904t340cr9nvahy7u3re7zg, 3LKyvRN6SmYXGBNn8fcQvYxW9MGKtwcinN, 39XGHYpYmJV9sGFoGHZeU2rLkY6r1MJ6C1 (+45 more)
- sha256Hashes: 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f, 603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4, bc2f39635ef2e24b4689345fb68c615987b6b0388fdffb57f907bd44445603a4, b71aa79cab0ae2d83b82d44cbdc23f5dcca3797e8ba622c4e45a8f7dce28ba0e, b2396b3ee20509cdb64fe24180a14a72dbd671728eaa49bac69d2bdecb5f5a04 (+19 more)
- payloadFileHash: 9e91b08fc1b706100b6ce0bc52fac6870c91c0f04a34fb4efee7791d0137498d
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
5.4/10
Medium · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | wallycore | all (affected) | — |
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.