VDB
GCVE-110-OSM-2026-491
GCVE-110-OSM-2026-491
Advisory PublishedCVSS 8.8/10
Sleeper Open VSX extension linked to the GlassWorm campaign. Currently published as benign but controlled by the same operator and staged for runtime weaponization. Visual cloning of legitimate extensions (icons, descriptions, naming conventions) is used to build trust prior to activation.
=== GlassWorm Open VSX Campaign ===
Multi-stage supply chain attack targeting VS Code, Cursor, Windsurf, and VSCodium.
=== STAGE 1: Obfuscated Loader ===
Heavily obfuscated JavaScript bundled in the extension decodes at runtime
to fetch a secondary .vsix payload from attacker-controlled GitHub repos:
- https://github.com/SquadMagistrate10/wnxtgkih
- https://github.com/francesca898/dqwffqw
- https://github.com/ColossusQuailPray/oiegjqde
=== STAGE 2: Native Binary Execution ===
Platform-specific .node binaries embed GitHub URLs and IDE installation
logic targeting VS Code, Cursor, Windsurf, and VSCodium directories.
=== STAGE 3: Transitive Delivery (2026-04-29 wave) ===
Sleeper extensions reference blockstoks.easily-gitignore-manage via
extensionPack/extensionDependencies — installing one extension silently
pulls in the GlassWorm component.
=== File Hashes (SHA256) ===
Native installer binaries:
- 1b62b7c2ed7cc296ce821f977ef7b22bae59ef1dcdb9a34ae19467ee39bcf168
- 4ebfe8f66ca7e9751060b3301b5e8838d6017593cdae748541de83bfa28183bd
Downloaded VSIX payload:
- 97c275e3406ad6576529f41604ad138c5bdc4297d195bf61b049e14f6b30adfd
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
8.8/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | saoudrizvsce.claude-dev | all (affected) | — |
| unknown | tamokill12.foundry-pdf-extension | * (affected) | — |
| unknown | solblanco.svelte-vscode | all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected), all (affected) | — |
| unknown | spacesalamanderhook.italian-language-pack | all (affected) | — |
| unknown | yamlcode.yaml-vscode-extension | all (affected), all (affected), all (affected), all (affected), all (affected), * (affected) | — |
References
Browse GCVE Records
71,925 records in the GCVE database · Updated July 13, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.