CVE-2026-57434

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node. This caused a NULL pointer dereference that could...

CVE-2026-57434

Nokogiri (Ruby) prior to 1.19.4 contains a NULL pointer dereference when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node, which could crash the process. The issue is fixed in 1.19.4; affected versions are

EUVD-2026-39424

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node. This caused a NULL pointer dereference that could...

GHSA-9CV2-CFXC-V4V2 Nokogiri: Null Pointer Dereference calling methods on uninitialized wrapper classes

Summary Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node. This caused a NULL pointer dereference that could crash the process. Nokogiri 1.19.4 checks for missing native data pointers and raises a...