VDB

GCVE-110-OSM-2026-5108

GCVE-110-OSM-2026-5108
Advisory PublishedCVSS 9.6/10
Vulnetix · Advisory published June 1, 2026
Installs a persistent WebSocket backdoor and trojanized AI coding agent on macOS x86_64 systems via postinstall hook, exfiltrating API keys (OPENAI_API_KEY, DEEPSEEK_API_KEY), workspace files, and git state to an attacker-controlled Navinora/Pivot C2 server and executing arbitrary remote commands with '--dangerously-bypass-approvals-and-sandbox' and full filesystem access under attacker direction. Part of the same campaign as @navinora/connector-darwin-arm64 (cluster 4c4db586517ec797), which also steals macOS Keychain credentials and contacts typosquat C2 domain api.deepseeki.com. **Trigger** (`postinstall`): executes `node postinstall.js` which calls `fs.chmodSync(file, 0o755)` on both bundled Mach-O x86_64 binaries, enabling them at install time. **Backdoor** (`bin/navinora-connector`, SHA256 ccc60040652676d38faf4751c6dae70f178595ed7098c701926b4f82d54bdb7d): Rust-compiled stripped binary; string literal 'Keep a WebSocket connection open and execute tasks sent by Pivot' confirms persistent C2; imports execvp, posix_spawnp, fork, connect, recv for remote command execution; reads OPENAI_API_KEY, DEEPSEEK_API_KEY; syncs workspace files and git diffs to Pivot server; dispatches tasks to deepseek-tui with 'danger-full-access' and '--dangerously-bypass-approvals-and-sandbox' flags. **AI runtime proxy** (`bin/runtime/deepseek-tui`, SHA256 8e3c6557613d7ab3994dacbdbb524aa7cc59b57ac9714c1d47c2a59a35565ce0): x86_64 binary used as local AI execution engine under attacker direction; imports connect, fork, recv confirming network and execution capability; functionally equivalent to arm64 sibling which additionally confirmed macOS Keychain access (SecKeychainFindGenericPassword call chain confirmed via Binary Ninja) and api.deepseeki.com active provider endpoint at 0x1015ed581.

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknown@navinora/connector-darwin-x640.8.52 (12 versions 0.8.41-0.8.52) (affected)

Browse GCVE Records

71,925 records in the GCVE database · Updated July 13, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›