VDB

GCVE-110-OSM-2026-5946

GCVE-110-OSM-2026-5946
Advisory PublishedCVSS 9.6/10
Vulnetix · Advisory published June 14, 2026
Malicious package detected. Behaviors: data exfiltration, code execution, obfuscated code. ENTRY src/platforms/channeltalk/cli.ts (bin: ./src/platforms/channeltalk/cli.ts) LOOT - Discord Token Theft in dist/src/platforms/discord/token-extractor.js: "dQw4w9WgXcQ" - Discord Token Theft in src/platforms/discord/token-extractor.ts: "dQw4w9WgXcQ" PERSISTENCE - Startup Persistence in dist/src/platforms/instagram/client.js: ".profile" - Startup Persistence in dist/src/platforms/kakaotalk/client.js: ".profile" - Startup Persistence in dist/src/platforms/line/client.js: ".profile" - Startup Persistence in dist/src/platforms/slack/client-mappers.js: ".profile" - Startup Persistence in dist/src/platforms/slack/client.js: ".profile" - Startup Persistence in dist/src/platforms/slack/commands/channel.js: ".profile" - Startup Persistence in dist/src/platforms/slack/commands/snapshot.js: ".profile" - Startup Persistence in dist/src/platforms/slack/commands/user.js: ".profile" (+39 more) DESTINATION - reconstructed: https://i.instagram.com/api/v1/qe/sync/ (primary, reconstructed) in dist/src/platforms/instagram/client.js - reconstructed: https://my.telegram.org/auth/send_password (reconstructed) in dist/src/platforms/instagram/client.js - custom-c2: i.instagram.com (reconstructed) in dist/src/platforms/instagram/client.js - telegram-bot: api.telegram.org/bot<TOKEN (plaintext) in skills/agent-telegrambot/SKILL.md - telegram-bot: api.telegram.org/botTOKEN/getMe (plaintext) in src/platforms/telegrambot/client.test.ts - custom-c2: https://api.channel.io/open/v5 (plaintext) in dist/src/platforms/channeltalkbot/client.js - custom-c2: https://msgapi.teams.live.com/v1 (plaintext) in dist/src/platforms/teams/client.js - custom-c2: https://webexapis.com/v1 (plaintext) in dist/src/platforms/webex/client.js (+20 more) EXFIL - Git Configuration Access in .github/workflows/release.yml: "git config user.name" - Data Encoding for Exfiltration in dist/src/platforms/channeltalkbot/client.js: "encodeURIComponent(name)}`, undefined, 'group" - Data Encoding for Exfiltration in dist/src/platforms/discord/client.js: "encodeURIComponent(emoji" - Data Encoding for Exfiltration in dist/src/platforms/discord/super-properties.js: "btoa(" - Data Encoding for Exfiltration in dist/src/platforms/discordbot/client.js: "encodeURIComponent(emoji" - Data Encoding for Exfiltration in dist/src/platforms/instagram/client.js: "encodeURIComponent(query)}&count=10" - Data Encoding for Exfiltration in dist/src/platforms/slack/token-extractor.js: "Buffer.from(script, 'utf16le').toString('base64')" - Data Encoding for Exfiltration in dist/src/platforms/teams/client.js: "encodeURIComponent(chatId" (+56 more) OBFUSCATION - Dynamic Base64 Decoding in dist/src/platforms/kakaotalk/protocol/crypto.js: "Buffer.from(LOCO_RSA_PUBLIC_KEY_DER_B64, 'base64')" - Dynamic Base64 Decoding in dist/src/platforms/slack/token-extractor.js: "Buffer.from(encryptedKeyB64, 'base64')" - Dynamic Base64 Decoding in dist/src/platforms/webex/client.js: "Buffer.from(roomId, 'base64')" - Dynamic Base64 Decoding in dist/src/shared/chromium/decryptor.js: "Buffer.from(b64, 'base64')" - Dynamic Base64 Decoding in dist/src/vendor/linejs/base/e2ee/mod.js: "Buffer.from(key, "base64")" - Dynamic Base64 Decoding in dist/src/vendor/linejs/base/login/mod.js: "Buffer.from(secretPK, "base64")" - Dynamic Base64 Decoding in src/platforms/kakaotalk/protocol/crypto.ts: "Buffer.from(LOCO_RSA_PUBLIC_KEY_DER_B64, 'base64')" - Dynamic Base64 Decoding in src/platforms/slack/token-extractor.ts: "Buffer.from(encryptedKeyB64, 'base64')" (+17 more) ADDITIONAL FINDINGS - Stealth Background Process Spawning in dist/src/platforms/discord/token-extractor.js: "spawn(appPath, args, { detached: true, stdio: 'ignore', }).unref(); } else if (t..." - Reconstructed Obfuscated URL in dist/src/platforms/instagram/client.js: "https://i.instagram.com/api/v1/qe/sync/" - Download Execute Delete Pattern in dist/src/platforms/kakaotalk/commands/auth.js: "execSync } = require('node:child_process'); if (process.platform === 'darwin') {..." - Shell Command Execution in dist/src/platforms/channeltalk/token-extractor.js: "execSync(" - Silent Process Execution in dist/src/platforms/discord/token-extractor.js: "stdio: 'ignore'" - Detached Child Process Payload in dist/src/platforms/discord/token-extractor.js: "spawn(appPath, args, { detached: true" (+2 more) PAYLOAD FILES src/platforms/webex/types.test.ts INDICATORS (IOCs) - ipv4: 1.31.38.89, 3.5.7.9, 1.5.75.75, 203.0.113.10, 1.1.0.1 - urls: https://agent-messenger.dev/docs/cli/slack, https://agent-messenger.dev/docs/cli/discord, https://agent-messenger.dev/docs/cli/teams, https://agent-messenger.dev/docs/cli/webex, https://agent-messenger.dev/docs/cli/telegram (+38 more) - domains: agent-messenger.dev, agentskills.io, skillpad.dev, badge.skillpad.dev, skills.sh (+28 more) - emails: 123456789-123345@g.us, id@g.us, guid1_guid2@unq.gbl.spaces, Generated@developer.webex.com, 987654321-654321@g.us (+6 more) - sha256Hashes: e90806657443a7f16093c0846690aeeea96cd2b3ed9b79cf544297c526b4f9af, abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890 - payloadFileHash: b12a0f861506341ad5ec91d9c5c723d0bd4e56e47cce6b2d21e0f26de5296271

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknownagent-messenger2.20.3 (affected)

References

vendor

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›