VDB
KO

MAL-2026-9113

Malicious code in vcsfossilpdfx1 (RubyGems)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: ghsa-malware (3044c822e7c6b6ef88e08111a7bd8d9afa59385b7a896e36fde60f83393d1960) ---

Credit: [OpenSSF](https://github.com/ossf/malicious-packages) ([source](https://github.com/ossf/malicious-packages/blob/9fbb5fba02ba2f02395d3d2d43c31b2c482b7a9d/osv/malicious/rubygems/vcsfossilpdfx1/MAL-2026-9113.json))

Are you affected?

Enter the version of the package you're using.

Affected packages

RubyGems / vcsfossilpdfx1

No fixed version published yet for vcsfossilpdfx1 (bundler). Pin to a known-safe version or switch to an alternative.

References