{"id":"MAL-2026-8254","summary":"Malicious code in oaijgitwelcpe (RubyGems)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ghsa-malware (9ac62ae7ca37a2997e7df7c0cea9ae011a96534e4c485790ea9306f92053978f)\n---\n\nCredit: [OpenSSF](https://github.com/ossf/malicious-packages) ([source](https://github.com/ossf/malicious-packages/blob/9fbb5fba02ba2f02395d3d2d43c31b2c482b7a9d/osv/malicious/rubygems/oaijgitwelcpe/MAL-2026-8254.json))\n","aliases":["GHSA-5xp8-x5cm-9g57"],"modified":"2026-07-18T11:05:18.827426273Z","published":"2026-07-07T11:58:42Z","database_specific":{"malicious-packages-origins":[{"versions":["0.0.1"],"source":"reversing-labs","sha256":"7991f8efc1ae199a6b3941a78c1623017d5337bf9bc8fb04447b2cb5ac34d6ed","import_time":"2026-07-09T09:13:00.343676486Z","id":"RLMA-2026-02905","modified_time":"2026-07-07T11:58:42Z"},{"modified_time":"2026-07-18T01:57:46Z","versions":["0.0.1"],"source":"ghsa-malware","sha256":"9ac62ae7ca37a2997e7df7c0cea9ae011a96534e4c485790ea9306f92053978f","import_time":"2026-07-18T10:46:29.145268965Z","id":"GHSA-5xp8-x5cm-9g57"}]},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-5xp8-x5cm-9g57"}],"affected":[{"package":{"name":"oaijgitwelcpe","ecosystem":"RubyGems","purl":"pkg:gem/oaijgitwelcpe"},"versions":["0.0.1"],"database_specific":{"cwes":[{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/rubygems/oaijgitwelcpe/MAL-2026-8254.json"}}],"schema_version":"1.7.5","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}