A vulnerability classified as critical has been found in sparklemotion nokogiri up to 1.19.3 . The impacted element is the function Nokogiri::XML::Attr . This manipulation causes use after free. This vulnerability is tracked as CVE-2026-57435 . The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.