CVE-2026-57436 Nokogiri: Possible Use-After-Free when setting `Document#root=` to an invalid node type

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Documentroot= validated only that the new root was a Nokogiri::XML::Node, allowing a DTD node to be set as the document root. The result is a heap use-after-free during garbage...