VDB

GCVE-110-OSM-2026-5817

GCVE-110-OSM-2026-5817
Advisory PublishedCVSS 9.6/10
Vulnetix · Advisory published June 13, 2026
Malicious package detected. Behaviors: data exfiltration, code execution, obfuscated code, install-time execution. Entrypoint: engine-requirements.js (install-hook: node ./engine-requirements.js) Exfil: update.me (custom-c2, recovery: plaintext in lib/Socket/socket.js) Payload: lib/Socket/newsletter.js Secondary files: lib/Utils/generics.js, lib/Utils/messages-media.js Key findings: - Decoded Base64 Content in lib/Socket/newsletter.js - Suspicious TLD Domain in lib/Defaults/index.d.ts: "https://movanest.xyz" - Suspicious TLD Domain in lib/Defaults/index.js: "https://movanest.xyz" - Startup Persistence in lib/Socket/chats.js: ".profile" - Startup Persistence in lib/Socket/messages-send.js: ".profile" IOCs: - ipv4: 131.0.0.0 - urls: https://movanest.xyz/donation, https://wa.me/settings/linked_devices#, https://cdn.malvintech.sbs/file/chJids.json - domains: i.ibb.co, movanest.xyz, sock.ws, wa.me, creds.me (+5 more) - emails: 123456789-123345@g.us, 1201111111111@g.us, 16505361212@c.us, server@c.us, 0@c.us (+1 more) - bitcoinAddresses: 123456789ABCDEFGHJKLMNPQRSTVWXYZ - sha256Hashes: 142375574d0a587166aae71ebe516437c4a28b73e3695c6ce1f7f9545da8ee6b, f09d96b2f09d978df09d96baf09d978bf09d96bff09d96baf09d9785f09d9785 - payloadFileHash: 7921ff0f4dbe4177589dca05821305794409a5275a6d6d9702392810d55945b6 Decoded/deobfuscated IOCs: - urls: https://cdn.malvintech.sbs/file/chJids.json - domains: cdn.malvintech.sbs

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknownmalvin-baileys2.2.5 (affected)

References

vendor

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›