VDB

GCVE-110-OSM-2026-6466

GCVE-110-OSM-2026-6466
Advisory PublishedCVSS 9.6/10
Vulnetix · Advisory published June 21, 2026
Malicious vscode tasks.json file that delivers malware when the repository is opened in visual studio code as trusted workspace. The payload delivers obfuscated JS file in third stage that talks to the C2 http://147[.]124[.]212[.]180[:]1224[/]api[/]checkStatus sends a GET request with environment variables and system info. The code runs every 5000 to fetch further instructions. Second stage payloads downloaded from: https://moralismvp.s.gy/M # mac https://moralismvp.s.gy/L # linux https://moralismvp.s.gy/W # windows These redirect to: https://access-private-github.vercel.app/api/settings/mac https://access-private-github.vercel.app/api/settings/linux https://access-private-github.vercel.app/api/settings/windows

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknownall (affected)

Browse GCVE Records

72,921 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›