VDB
GCVE-110-OSM-2026-3060
GCVE-110-OSM-2026-3060
Advisory PublishedCVSS 9.6/10
Malicious package detected. Behaviors: data exfiltration, code execution, obfuscated code.
Payload: src/public/assets/bootstrap@5.3.7.js
Secondary files: src/cjs/router/routerStatusDash.cjs, src/esm/discordUtils/discordUtils.mjs
Key findings:
- Corporate Environment Targeting in src/public/assets/bootstrap@5.3.7.js: "tModifiers$1 = [eventListeners, popperOffsets$1, computeSt"
- Dynamic Base64 Decoding in src/cjs/security/crypto.service.cjs: "Buffer.from(encryptedDataB64, 'base64')"
- Dynamic Base64 Decoding in src/esm/security/crypto.service.mjs: "Buffer.from(encryptedDataB64, "base64")"
IOCs:
- urls: https://exemplo.com/arquivo.zip, https://docs.renovatebot.com/renovate-schema.json, https://.+/, https://twitch.tv, http://ns.adobe.com/xap/1.0/ (+7 more)
- domains: exemplo.com, docs.renovatebot.com, cdn.discordapp.com, twitch.tv, guild.members.me (+7 more)
- emails: bootstrap@5.3.7.css, bootstrap@5.3.7.js
- sha256Hashes: cc9c387ac2aad7fa8040738f47ae0ab43e2b77027d188e272a147b1829e3a53f
- payloadFileHash: b50f5cddd735b748fd115d88b70ab1d592b4aa3acb6b28f4fa5fe5484814e593
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | npm-package-nodejs-utils-lda | 1.0.77 (affected) | — |
Browse GCVE Records
73,280 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.