By vendor
Rurban vulnerabilities
Known CVEs affecting Rurban products, prioritized by severity, with SEC.co remediation and detection guidance.
2 published vulnerabilities
- CVE-2026-9516HIGH 7.5
Cpanel::JSON::XS, a popular Perl library for JSON processing, contains a vulnerability that can crash applications when they process JSON documents that start with a UTF-8 byte order mark (BOM) and use callback filters during decoding. The issue stems from incorrect memory pointer management: when a decode filter throws an exception, the library fails to properly restore the input scalar's internal pointer, leaving it in an invalid state. This corrupted state causes a crash when the memory is eventually freed. An attacker can trigger this denial of service by sending a specially crafted JSON document to any application using the vulnerable library with filtering enabled.
- CVE-2026-9334HIGH 7.3
CVE-2026-9334 is a type-confusion vulnerability in Cpanel::JSON::XS (a Perl JSON parsing library) that occurs when a specific feature called dupkeys_as_arrayref is enabled. When decoding JSON with duplicate object keys, the library crashes and attempts to dereference attacker-controlled data as a pointer. An attacker can exploit this by sending crafted JSON to any application using this library with the vulnerable setting enabled, potentially leading to denial of service or information disclosure.