VDB

GCVE-110-OSM-2026-3383

GCVE-110-OSM-2026-3383
Advisory PublishedCVSS 5.4/10
Vulnetix · Advisory published April 28, 2026
This package exhibits suspicious behaviours and needs further analysis Payload: plugins/web_application_scanner/modules/databases/web_scanner_databases.py Secondary files: core/executor/stealth_executor.py, plugins/lolbins_scanner/modules/databases/lolbins_databases.py Key findings: - Sensitive File Access in core/capabilities/runtime_capabilities.py: ""/etc/shadow"" - Sensitive File Access in core/executor/stealth_executor.py: "'~/.bash_history'" - Sensitive File Access in plugins/activedirectory_hunter/modules/enumeration/user_enumerator.py: "'/etc/passwd'" - Remote Code Execution in plugins/database_security_assessment/modules/services/scanner_service.py: "exec(", "EXECUTE", "SHELL", "system(", "os.system", "subprocess", ..." - Sensitive File Access in plugins/docker_escape/modules/databases/escape_databases.py: ""/etc/shadow"" IOCs: - ipv4: 2.5.29.37, 1.3.6.1, 5.5.7.3, 5.2.3.4, 198.51.100.10 (+45 more) - ipv6: 2001:db8::, 2400:cb00::, 2606:4700::, 2803:f800::, 2a06:98c0:: (+10 more) - urls: https://docs.mindfabric.com, http://backend:8088`, http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/access-configs/0/external-ip, http://169.254.169.254/latest/meta-data/public-ipv4, https://hooks\.slack\.com/services/T[A-Z0-9 (+45 more) - domains: mindfabric.com, core.ws, libc.so, self.ws, contoso.com (+24 more) - emails: info@mindfabric.ai, support@mindfabric.com, johndoe@contoso.local, john.doe@contoso.com, admin@domain.com (+43 more) - bitcoinAddresses: 11111111111111111111111111111111 - awsAccessKeys: AKIA1234567890ABCDEF, AKIAXXXXXXXXXXXXXXXX, AKIAIOSFODNN7EXAMPLE - oastEndpoints: http://spoofed.burpcollaborator.net - sha256Hashes: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855, 0000000000000000000000000000000000000000000000000000000000000000, FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - ips: 10.0.0.1 - payloadFileHash: 0624c9890c4f5fef5fdc887649da04f91edb7ec77c7bb2e43e4c3c2ee576cac0 Decoded/deobfuscated IOCs: - ips: 10.0.0.1

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
5.4/10
Medium · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected Products

VendorProductVersionsPlatforms
unknownmindfabric-agent1.1.351 (affected)

References

vendor

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›