VDB

GCVE-110-OSM-2026-6669

GCVE-110-OSM-2026-6669
Advisory PublishedCVSS 8.8/10
Vulnetix · Advisory published June 25, 2026
Malicious package detected. Behaviors: data exfiltration, code execution, network activity. ENTRY dist/index.cjs (main: ./dist/index.cjs) PERSISTENCE - Startup Persistence in dist/index.cjs: ".bashrc" - Startup Persistence in dist/index.js: ".bashrc" DESTINATION - custom-c2: http://2.27.62.51:8080/api/health (primary, plaintext) in dist/index.cjs - custom-c2: http://2.27.62.51:8081/api/health (plaintext) in dist/index.cjs - custom-c2: 2.27.62.51 (plaintext) in dist/index.cjs - bitcoinAddresses: bc1qjft978uykglsh0adcyx6xhkes56vqzs3fual3l (exfil, plaintext) - ethereumAddresses: 0xd63eD44065eDb1e2ad2519B011c06412dA7B7c5B (exfil, plaintext) EXFIL - System Information Exfiltration in dist/index.cjs: "JSON.stringify({ ...data, hostname: globalThis.process?.env?.HOSTNAME || 'unknow..." - System Information Exfiltration in dist/index.js: "JSON.stringify({ ...data, hostname: globalThis.process?.env?.HOSTNAME || 'unknow..." - Suspicious Domain in dist/index.cjs: "http://2.27.62.51" - Suspicious Domain in dist/index.js: "http://2.27.62.51" ADDITIONAL FINDINGS - Shell Command Execution in dist/index.cjs: "require('child_process')" - Platform Detection with Data Collection in dist/index.cjs: "JSON.stringify({ ...data, hostname: globalThis.process?.env?.HOSTNAME || 'unknow..." PAYLOAD FILES dist/index.cjs (+ dist/index.js) INDICATORS (IOCs) - payloadFileHash: 0883f67f12ef0c2b1da1e11a4d31a08fdaedc5c7de0db2fb98cb6f7e5efd3224

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
8.8/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknownbase58-core1.0.1 (affected)

References

advisory
vendor

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›