VDB
GCVE-110-OSM-2026-5108
GCVE-110-OSM-2026-5108
Advisory PublishedCVSS 9.6/10
Installs a persistent WebSocket backdoor and trojanized AI coding agent on macOS x86_64 systems via postinstall hook, exfiltrating API keys (OPENAI_API_KEY, DEEPSEEK_API_KEY), workspace files, and git state to an attacker-controlled Navinora/Pivot C2 server and executing arbitrary remote commands with '--dangerously-bypass-approvals-and-sandbox' and full filesystem access under attacker direction. Part of the same campaign as @navinora/connector-darwin-arm64 (cluster 4c4db586517ec797), which also steals macOS Keychain credentials and contacts typosquat C2 domain api.deepseeki.com.
**Trigger** (`postinstall`): executes `node postinstall.js` which calls `fs.chmodSync(file, 0o755)` on both bundled Mach-O x86_64 binaries, enabling them at install time.
**Backdoor** (`bin/navinora-connector`, SHA256 ccc60040652676d38faf4751c6dae70f178595ed7098c701926b4f82d54bdb7d): Rust-compiled stripped binary; string literal 'Keep a WebSocket connection open and execute tasks sent by Pivot' confirms persistent C2; imports execvp, posix_spawnp, fork, connect, recv for remote command execution; reads OPENAI_API_KEY, DEEPSEEK_API_KEY; syncs workspace files and git diffs to Pivot server; dispatches tasks to deepseek-tui with 'danger-full-access' and '--dangerously-bypass-approvals-and-sandbox' flags.
**AI runtime proxy** (`bin/runtime/deepseek-tui`, SHA256 8e3c6557613d7ab3994dacbdbb524aa7cc59b57ac9714c1d47c2a59a35565ce0): x86_64 binary used as local AI execution engine under attacker direction; imports connect, fork, recv confirming network and execution capability; functionally equivalent to arm64 sibling which additionally confirmed macOS Keychain access (SecKeychainFindGenericPassword call chain confirmed via Binary Ninja) and api.deepseeki.com active provider endpoint at 0x1015ed581.
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | @navinora/connector-darwin-x64 | 0.8.52 (12 versions 0.8.41-0.8.52) (affected) | — |
Browse GCVE Records
71,925 records in the GCVE database · Updated July 13, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.