VDB

GCVE-110-OSM-2026-442

GCVE-110-OSM-2026-442
Advisory PublishedCVSS 8.8/10
Vulnetix · Advisory published May 29, 2026
Malicious package detected. Behaviors: code execution. Microsoft removal context: Extension ID: 64kramsystem.vscode-open-in-github-wiki-fixed Publisher: 64kramsystem Removal Date: 5/27/2026 Violation Type: impersonation Removed from the VS Code Marketplace by Microsoft for violating marketplace policies. Source: https://github.com/microsoft/vsmarketplace/blob/main/RemovedPackages.md Entrypoint: out/extension.js (main: ./out/extension.js) Payload: out/extension.js Key findings: - Shell Command Execution in out/extension.js: "child_process").exec" IOCs: - urls: https://termux.com, https://feross.org/opensource, https://…, http://schemas.openxmlformats.org/package/2006/content-types - domains: e.global, termux.com, feross.org - payloadFileHash: fb634c468faab9fe94b041722235c7882b78d5f13319879c8861f327102bdb87

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
8.8/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknownlyu-wen-studio-web-han.better-formatter-vscodeall (affected), all (affected), all (affected), all (affected), * (affected), * (affected)
unknownmswincx.antigravity-cockpit-extensionall (affected), all (affected), all (affected), * (affected), all (affected), all (affected), all (affected), * (affected)
unknowncodbroks.compile-runnner-extensionall (affected)
unknownmarkvalid.vscode-mdvalidator-extensionall (affected)
unknown64kramsystem.vscode-open-in-github-wiki-fixed1.19.2 (affected)

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›