{"vulnerability": "cve-2026-46727", "sightings": [{"uuid": "5ccc37a0-1b69-4483-9381-7fb95eed9526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46727", "type": "seen", "source": "https://bsky.app/profile/slackers.it/post/3mmdxdinjft2i", "content": "2/13\n\nThis update fixes a security issue:\n  Use-after-free in pthread-based getaddrinfo timeout handler.\n  For more information, see:\n    https://www.cve.org/CVERecord?id=CVE-2026-46727\n  (* Security fix *)\nd/valgrind-3.27.1-x86_64-1.txz:  Upgraded.", "creation_timestamp": "2026-05-21T08:01:48.018016Z"}, {"uuid": "ffceaeb5-e008-477a-9b01-765626da5a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46727", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmpx5qwrnf2j", "content": "Top 3 CVE for last 7 days:\nCVE-2026-45250: 72 interactions\nCVE-2026-45584: 65 interactions\nCVE-2026-46727: 22 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-26980: 7 interactions\nCVE-2026-44277: 3 interactions\nCVE-2026-5223: 3 interactions\n", "creation_timestamp": "2026-05-26T02:30:32.694988Z"}, {"uuid": "6e4d5498-e383-45e4-955e-54800285fb57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46727", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmshngckkv2m", "content": "Top 3 CVE for last 7 days:\nCVE-2026-45250: 72 interactions\nCVE-2026-45584: 65 interactions\nCVE-2026-46727: 22 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-48710: 11 interactions\nCVE-2026-28952: 3 interactions\nCVE-2026-45659: 3 interactions\n", "creation_timestamp": "2026-05-27T02:30:57.839668Z"}, {"uuid": "11530690-25ab-43e0-b09c-ccaa120b54bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46727", "type": "seen", "source": "https://gist.github.com/alanalvestech/c27d2e789ce815ce3262baa8f8fce26c", "content": "- https://github.com/0xedward/awesome-rails-security\n- https://rubygems.org/pages/security\n- https://kinsta.com/blog/ruby-on-rails-applications/\n- https://www.fastruby.io/blog/rails/security/ruby-security-toolkit.html\n- https://medium.com/@Anita-ihuman/ruby-on-rails-security-best-practices-for-cloud-deployments-on-upcloud-897a3347ddce\n- https://dev.to/rachgrey/the-top-rails-gems-for-cybersecurity-applications-you-should-know-about-131g\n- https://github.com/devise-security/devise-security\n- https://github.com/wardencommunity/warden\n- https://github.com/binarylogic/authlogic\n- https://github.com/omniauth/omniauth\n- https://github.com/jwt/ruby-jwt\n- https://github.com/nsarno/knock\n- https://github.com/ambethia/recaptcha/\n- https://github.com/presidentbeef/brakeman\n- https://github.com/rubysec/bundler-audit\n- https://github.com/rubysec/ruby-advisory-db\n- https://github.com/rubocop/rubocop\n- https://github.com/thesp0nge/dawnscanner\n- https://github.com/flyerhzm/rails_best_practices\n- https://github.com/hawkeyesec/scanner-cli\n- https://github.com/awslabs/git-secrets\n- https://www.guardrails.io/\n- https://hakiri.io/\n- https://report-uri.com/\n- https://groups.google.com/g/rubyonrails-security\n- https://guides.rubyonrails.org/security.html\n- https://github.com/rietta/DeleteMe\n- https://pentesterlab.com/exercises/\n- https://medium.com/kkempin/preventing-security-issues-in-ruby-on-rails-based-on-owasp-cheatsheet-2fbca18b6a85\n- https://github.com/ankane/secure_rails\n- https://ankane.org/sensitive-data-rails\n- https://github.com/ankane/production_rails\n- https://github.com/eliotsykes/rails-security-checklist\n- https://github.com/brunofacca/zen-rails-security-checklist\n- https://www.codementor.io/ruby-on-rails/tutorial/ruby-on-rails-security-best-practices\n- https://www.invicti.com/blog/web-security/ruby-on-rails-security-basics\n- https://www.cloudbees.com/blog/level-up-your-security-in-rails\n- https://rubygarage.org/\n- https://bauland42.com/ruby-on-rails-security-strategy\n- https://www.cloudbees.com/blog/preproduction-checklist-for-a-rails-app\n- https://sloboda-studio.com/blog/ruby-on-rails-security-guide/\n- https://www.honeybadger.io/blog/ruby-security-tutorial-and-rails-security-guide/\n- https://rails-sqli.org/\n- https://codeclimate.com/legacy/rails-insecure-defaults\n- https://www.vdalabs.com/from-the-experts/\n- https://phrack.org/issues/69/12#article\n- https://hackerone.com/ruby?type=team\n- https://rails-bestpractices.com/\n- https://snyk.io/\n- https://www.ruby-lang.org/en/news/2026/05/20/getaddrinfo-cve-2026-46727/\n- https://groups.google.com/g/ruby-security-ann\n- https://www.ruby-lang.org/en/security/\n- https://api.osv.dev/v1/querybatch\n- https://osv.dev/list?q=Rails&ecosystem=\n- https://railsgoat.cktricky.com/\n- https://security.snyk.io/vuln/rubygems\n- https://github.com/OWASP/railsgoat\n- https://github.com/OWASP/railsgoat/wiki\n- https://github.com/OWASP/railsgoat/wiki/Rails-8-Tutorials\n- https://medium.com/@nikoo.asadnejad.work/owasp-top-10-2026-the-most-critical-web-application-security-risks-every-developer-should-d41531188c9a\n- https://github.com/cursor/plugins/blob/main/cursor-team-kit/skills/thermo-nuclear-code-quality-review/SKILL.md?plain=1\n- https://github.com/thoughtbot/top_secret", "creation_timestamp": "2026-06-11T15:27:35.000000Z"}, {"uuid": "f44d2e4c-3e85-4344-b0ae-08b10b3b5cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46727", "type": "seen", "source": "https://bsky.app/profile/k0kubun.com/post/3mmao5vq6wc25", "content": "We released Ruby 4.0.5 and published security advisory for CVE-2026-46727.\n\nIf you use Ruby 4.0.0~4.0.4, we recommend updating your Ruby version to 4.0.5.\n\nwww.ruby-lang.org/en/news/2026...", "creation_timestamp": "2026-05-20T00:39:53.992720Z"}, {"uuid": "889cdd5c-8219-456a-9f8b-f95192975e12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46727", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmdetqhuk22x", "content": "Top 3 CVE for last 7 days:\nCVE-2026-45584: 64 interactions\nCVE-2026-42897: 56 interactions\nCVE-2026-46300: 46 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-45584: 64 interactions\nCVE-2026-46727: 21 interactions\nCVE-2026-42462: 11 interactions\n", "creation_timestamp": "2026-05-21T02:33:02.525233Z"}, {"uuid": "15667341-7c3e-4fcb-960b-9d7096cd3054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46727", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmrlijgokw2z", "content": "\ud83d\udccc CVE-2026-46727 - An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler (rb_geta... https://www.cyberhub.blog/cves/CVE-2026-46727", "creation_timestamp": "2026-05-26T18:07:07.910214Z"}]}