CVE-2026-57435 | sparklemotion nokogiri up to 1.19.3 Nokogiri::XML::Attr use after free

A vulnerability classified as critical has been found in sparklemotion nokogiri up to 1.19.3. The impacted element is the function Nokogiri::XML::Attr. This manipulation causes use after free.

This vulnerability is tracked as CVE-2026-57435. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More