VDB
GCVE-110-OSM-2026-3028
GCVE-110-OSM-2026-3028
Advisory PublishedCVSS 9.6/10
Malicious package detected. Behaviors: data exfiltration, code execution, network activity, obfuscated code.
Payload: xinference/model/llm/sglang/core.py
Secondary files: xinference/thirdparty/deepseek_vl2/serve/app_modules/utils.py, xinference/core/worker.py
Key findings:
- Corporate Environment Targeting in xinference/model/llm/sglang/core.py: "tModel(SGLANGModel, ChatModelMixin):
@classmethod
def match"
- Corporate Environment Targeting in xinference/model/llm/transformers/gemma3.py: "tModel(PytorchChatModel):
GEMMA3_ARCHITECTURES = {"Gemma3ForCausalLM"}
..."
- Corporate Environment Targeting in xinference/model/llm/vllm/core.py: "tModel(VLLMModel, ChatModelMixin):
@classmethod
def match"
- Corporate Environment Targeting in xinference/thirdparty/fish_speech/fish_speech/utils/braceexpand.py: "tmod(optionflags=doctest"
- Corporate Environment Targeting in xinference/thirdparty/indextts/gpt/transformers_modeling_utils.py: "tModel.from_pretrained("./test"
IOCs:
- ipv4: 123.0.0.0
- ipv6: 0::, 1::, 2::, 4::
- urls: http://www.apache.org/licenses/, http://www.apache.org/licenses/LICENSE-2.0, https://xinference.io/en, https://hub.docker.com/r/xprobe/xinference, https://bfl.ai/models/flux-2-klein (+45 more)
- domains: www.apache.org, xinference.io, actions-badge.atrox.dev, hub.docker.com, huggingface.co (+27 more)
- emails: qinxuye@xprobe.io, business@xprobe.io, developers@01.AI, sxc19@mails.tsinghua.edu.cn, zyzhou@stu.xmu.edu.cn (+1 more)
- bitcoinAddresses: 18wF2bbjgc3ZzCSKW1T5nt5EbFoAz, 31WkbgnQpgtrNp1SdpJvpUAGTa
- sha256Hashes: d3dd57d32accea0b295c96e26691aa14d8822fac7d9d27d5dc00b4ca2826dd03, 65147644a518d12f04e32d6f3b26facc3f8dd46e5390956a9424a650c0ce22b9, 25a8566e1d0c1e2231d1c762132cd20e0f96a85d16145c3a00adf5d1ac670ead, ed3a0b6b1c0edf879ad9b11b1af5a0e6ab5db9205f891f668f8b0e6c6326e34e, f953ad0fd29cacd07d5a9eda5624af0f6bcf2258be67c92b79389873d91e0872 (+6 more)
- payloadFileHash: 52452de76b8e1da247af3cb2673be345844828ecf8a4bc3be07c9adc0f3fd417
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | xinference | 2.5.0 (affected) | — |
Aliases
Browse GCVE Records
73,196 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.