VDB
GCVE-110-OSM-2026-32
GCVE-110-OSM-2026-32
Advisory PublishedCVSS 9.6/10
Malicious package detected. Behaviors: data exfiltration.
Entrypoint: fesm2022/ethlete-core.mjs (main: fesm2022/ethlete-core.mjs)
Exfil: https://tailwindcss.com/docs/screens (custom-c2, recovery: plaintext in fesm2022/ethlete-core.mjs)
Payload: fesm2022/ethlete-core.mjs
Key findings:
- Corporate Environment Targeting in fesm2022/ethlete-core.mjs: "tMonitorEnabled = false;
this._isXs$ = new BehaviorSubject(this.isMatch"
IOCs:
- urls: https://nx.dev, https://tailwindcss.com/docs/screens, https://floating-ui.com/docs/offset, https://tailwindcss.com/docs/screens\n, https://floating-ui.com/docs/offset\n (+1 more)
- domains: nx.dev, tailwindcss.com, lukeed.com, scrollbarRuler.style.top, floating-ui.com
- payloadFileHash: a25a91d20a951aeb0248377d1c7fe30beaab56f94a42208a88110689027cb54b
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | @sixcore/baileys | all (affected), all (affected), * (affected), all (affected), all (affected), * (affected) | — |
| unknown | ty-web-session | all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected) | — |
| unknown | @ethlete/core | 4.31.0 (affected) | — |
| unknown | console-loggers | all (affected) | — |
References
Malicious npm package: @ethlete/core
advisory
Browse GCVE Records
73,053 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.