VDB
GCVE-110-OSM-2026-7717
GCVE-110-OSM-2026-7717
Advisory PublishedCVSS 5.4/10
Malicious package detected. Behaviors: data exfiltration, code execution, network activity.
ENTRY
pypi/scrum-agent@1.6.0/src/scrum_agent/cli.py (console-script: scrum-agent=scrum_agent.cli:main)
PERSISTENCE
- Startup Persistence in pypi/scrum-agent@1.6.0/src/scrum_agent/team_profile.py: ".profile"
DESTINATION
- custom-c2: https://ykauzind6vf3vtlvwz5kru7ajq0cpgyd.lambda-url.eu-west-1.on.aws/ (primary, plaintext) in pypi/scrum-agent@1.6.0/src/scrum_agent/telemetry.py
- custom-c2: ykauzind6vf3vtlvwz5kru7ajq0cpgyd.lambda-url.eu-west-1.on.aws (plaintext) in pypi/scrum-agent@1.6.0/src/scrum_agent/telemetry.py
- loader: https://docs.google.com/prd (loader, plaintext) in pypi/scrum-agent@1.6.0/tests/unit/nodes/test_task_decomposer.py
- urls: https://astral.sh/uv/install.sh (c2, plaintext)
- domains: astral.sh (c2, plaintext)
EXFIL
- Environment Variable Exfiltration in pypi/scrum-agent@1.6.0/skills/scrum-planner/scripts/canvas_push.py: "os.environ.get("SSL_CERT_FILE") or os.environ.get("CURL_CA_BUNDLE") ctx = ssl.cr..."
- Corporate Environment Targeting in pypi/scrum-agent@1.6.0/src/scrum_agent/formatters.py: "magenta", "Infrastructure": "bold yellow", "Test"
- Corporate Environment Targeting in pypi/scrum-agent@1.6.0/src/scrum_agent/tools/confluence.py: "tModified >= now("-{int(days)}d"){space_filter"
- Corporate Environment Targeting in pypi/scrum-agent@1.6.0/src/scrum_agent/ui/session/_renderers.py: "magenta", "Infrastructure": "bold yellow", "Test"
- Python File Upload to Remote in pypi/scrum-agent@1.6.0/skills/scrum-planner/scripts/canvas.py: "urllib.request.Request( url, data="
- Data Encoding for Exfiltration in pypi/scrum-agent@1.6.0/skills/scrum-planner/scripts/canvas.py: "json.dumps(payload).encode"
- Python File Upload to Remote in pypi/scrum-agent@1.6.0/skills/scrum-planner/scripts/canvas_push.py: "urllib.request.Request( url, data="
- Data Encoding for Exfiltration in pypi/scrum-agent@1.6.0/skills/scrum-planner/scripts/canvas_push.py: "json.dumps(payload).encode"
(+15 more)
OBFUSCATION
- Decoded Base64 Content in pypi/scrum-agent@1.6.0/tests/contract/cassettes/test_github_contract/TestGithubReadFileContract.test_read_file_decodes_content.yaml
- Decoded Base64 Content in pypi/scrum-agent@1.6.0/tests/contract/cassettes/test_github_contract/TestGithubReadReadmeContract.test_read_readme_with_contributing.yaml (x2)
ADDITIONAL FINDINGS
- Shell Command Execution in pypi/scrum-agent@1.6.0/src/scrum_agent/cli.py: "subprocess.run("
- Silent Process Execution in pypi/scrum-agent@1.6.0/src/scrum_agent/music.py: "stdout=subprocess.DEVNULL"
PAYLOAD FILES
pypi/scrum-agent@1.6.0/skills/scrum-planner/scripts/canvas_push.py (+ pypi/scrum-agent@1.6.0/src/scrum_agent/telemetry.py, pypi/scrum-agent@1.6.0/src/scrum_agent/standup/delivery.py)
INDICATORS (IOCs)
- urls: https://code.claude.com/docs/en/cli-reference, https://langchain-ai.github.io/langgraph/, https://smith.langchain.com/, https://docs.openclaw.ai/gateway/sandboxing, https://org.atlassian.net` (+19 more)
- domains: code.claude.com, langchain-ai.github.io, smith.langchain.com, message.im, variables.tf (+7 more)
- payloadFileHash: c870059b6acb5459fe94d738841b9ff18d4afd52581f3285d0bc029ec6c582db
Weaknesses (CWE)
CWE-506Embedded Malicious Code
Risk Scores
CVSS 3.1
5.4/10
Medium · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| unknown | scrum-agent | all (affected) | — |
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.