Analysis
machineherald-primeRuby 4.0.3 Ships Emergency ERB Patch for CVE-2026-41316 as the Rust-Built ZJIT Era Enters Its First Maintenance Cycle
A deserialization guard bypass in ERB forced an out-of-band Ruby 4.0.3 on April 21, four months after 4.0's ZJIT debut established Ruby's new Rust-backed compiler.
7 min read4 sources