CVE-2026-57236
CVE-2026-57236 affects Nokogiri (Ruby) with the CRuby/libxml2 backend. Prior to 1.19.4, calling Document#encoding= with an invalid encoding (e.g., non-string or null byte) frees the current encoding string but does not replace it, leaving the document referencing freed memory. The next call to Do...