VDB
GCVE-110-OSM-2026-5291
GCVE-110-OSM-2026-5291
Advisory PublishedCVSS 9.6/10
Malicious package detected. Behaviors: data exfiltration, code execution, install-time execution.
Entrypoint: scripts/post-install.js (install-hook: node scripts/post-install.js)
Exfil: http://127.0.0.1:4096/session (reconstructed, recovery: reconstructed in service/modules/opencode-service.js)
Payload: service/worker.js
Secondary files: service/rongcloud/openclaw-client.js, cli.js
Key findings:
- Download Execute Delete Pattern in cli.js: "writeFileSync(serviceFile, serviceContent);
exec('systemctl daemon-reload..."
- Reconstructed Obfuscated URL in service/modules/opencode-service.js: "http://127.0.0.1:4096/session"
- Download Execute Delete Pattern in service/modules/service-manager.js: "execCommand(`systemctl disable ${this.serviceName}`);
const serviceFile = `..."
- Environment Variable Exfiltration in service/modules/system-config.js: "process.env.DM_SERVER_URL || 'https://newsradar.dreamdt.cn/im';
this.configs..."
- Stealth Background Process Spawning in service/rongcloud/openclaw-client.js: "spawn('openclaw', ['gateway'], {
shell: true,
windowsHide: true,
..."
IOCs:
- ipv4: 1.17.0.0, 2.0.0.0, 1.0.0.0
- urls: http://127.0.0.1:$PORT/, http://127.0.0.1:$port/, https://newsradar.dreamdt.cn/im, https://docs.openclaw.ai, https://docs.rongcloud.cn/platform-chat-api/message/send-private-stream (+1 more)
- domains: restart.sh, status.sh, newsradar.dreamdt.cn, docs.rongcloud.cn, api-b.rong-api.com (+3 more)
- binaryHashes: bf2cc5fd9a0e07d17309f51f7a6212d73cccb1d3a941dd90115a19f3abfcf707
- payloadFileHash: a24578e8e73ce0488b351d4f7398204f6d086be1163cf628b36e4cc0e8ecc29c
Hidden install (secondary package pulled at runtime):
- --ignore-scripts [OSM: clean] in scripts/sync-local.js
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | claw-subagent-service | all (affected) | — |
Aliases
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.