CVE-2026-44219
CVE-2026-44219 affects the ciguard static security auditor. The two SCA HTTP clients (osv.py and endoflife.py) call payload = json.loads(resp.read().decode('utf-8')) without a maximum bytes cap, allowing a hostile or compromised endoflife.date / OSV.dev (or a TLS MITM) to return multi-GB response...