Ruby is a scripting language designed for simplified object-oriented programming.

Ruby

NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Wolfi is a community Linux OS designed for the container and cloud-native era; it is a Linux distribution based on Alpine.

Wolfi

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

Ruby Interpreter is a software that processes Ruby programming code, converting it into machine code and executing it. It allows for interactive Ruby code execution and dynamic loading of libraries, enabling rapid development and debugging. The most commonly used Ruby interpreter is MRI (Matz's Ruby Interpreter), also known as CRuby, which is the original and reference implementation of the Ruby language.

Ruby Interpreter

MinimOS is a minimalist operating system designed for simplicity and efficiency. It aims to provide only essential functionalities, making it lightweight and suitable for resource-constrained environments. MinimOS is often used in embedded systems or as a base for custom operating system development.

MinimOS

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Fedora is a popular open-source, Linux-based operating system.

Linux Fedora

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1.2, and 2.19.2, a format string injection vulnerability can lead to denial of service attacks or information disclosure, when the allow_duplicate_key: false parsing option is used to parse user supplied documents. This issue has been patched in versions 2.15.2.1, 2.17.1.2, and 2.19.2.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-23891	CRITICAL	9.3	Ruby	decidim-core	No	Yes	Apr 13, 2026
GHSA-2x79-gwq3-vxxm	HIGH	8.7	Ruby	iodine	No	No	Apr 14, 2026
GHSA-ghmh-q25g-gxxx	HIGH	7.5	Ruby	decidim-api	No	Yes	Apr 14, 2026
GHSA-w5xj-99cg-rccm	HIGH	7.5	Ruby	decidim-core	No	Yes	Apr 14, 2026
GHSA-9pm8-vwc5-w2hm	LOW	2.1	Ruby	fat_free_crm	No	Yes	Apr 14, 2026

CVE-2026-33210:
Ruby vulnerability analysis and mitigation

8.3

Related Ruby vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-33210: Ruby vulnerability analysis and mitigation