VDB
GCVE-110-OSM-2026-7405
GCVE-110-OSM-2026-7405
Advisory PublishedCVSS 9.6/10
Malicious package detected. Behaviors: obfuscated code.
ENTRY
setup.py (install-hook: install/develop/build override present)
- setup.py Code Execution in setup.py
OBFUSCATION
- Python chr() Array String Building in setup.py: "bytes([98,97,115,101,54,52]).decode("
- Hex Encoded Strings in setup.py: "'\x75\x2a\x31\x3d\x75\x2a\x3b\x39\x31\x3b\x3d\x3f'"
- Unicode Escape Obfuscation in setup.py: "\x3e\x36\x74\x2d\x3f\x36\x6b\x74\x28\x2f"
- Decoded Hex Escape Content in setup.py (x7)
- Decoded Python chr() Array Content in setup.py (x2)
- Deobfuscation Failed in setup.py
ADDITIONAL FINDINGS
- Setup.py Command Override in setup.py: "cmdclass={"install": _PostInstall, "develop": _PostDevelop, "egg_info""
PAYLOAD FILES
setup.py
INDICATORS (IOCs)
- payloadFileHash: 6bc684db08c5d5bb10c76c1b3b1e401f6bcb10bcfc3324c7b713b9026c29cd83
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | ipa-user-collector | all (affected) | — |
Aliases
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.