1. json Gem Format String Injection Vulnerability CVE-2026-33210 Patched in Blacklight-Cornell
A critical security vulnerability in the Ruby json gem has been addressed in the Blacklight-Cornell project, a widely deployed library discovery interface used by academic institutions. The flaw, tracked as CVE-2026-33210, constitutes a format string injection vulnerability present in the JSON.parse method when invoked...