2 matches found
CVE-2026-3276
unicodedata.normalize can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. This affects all normalization forms...
CVE-2026-2302
Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.fromhash may allow for executing arbitrary Ruby code...