What is CVE-2026-44219?

CVE-2026-44219 is a low-severity vulnerability in Jo-jo98 Ciguard, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 3.7/10. Published 2026-05-12.

How severe is CVE-2026-44219?

Low severity. CVSS v3 base score is 3.7 out of 10.

Resource exhaustion in Jo-jo98 Ciguard

CVE-2026-44219

ciguard is a static security auditor for CI/CD pipelines. From 0.6.0 to 0.8.1, both SCA HTTP clients (src/ciguard/analyzer/sca/osv.py and src/ciguard/analyzer/sca/endoflife.py) call payload = json.loads(resp.read().decode('utf-8')) without…

EPSS: 0.000 (3.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.7 (Low). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L.

Affected products

Jo-jo98 Ciguard — versions >= 0.6.0, < 0.8.2

Weakness classification (CWE)

CWE-770 — Allocation of Resources Without Limits or Throttling

References

security-advisories@github.com (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2026-44219?: CVE-2026-44219 is a low-severity vulnerability in Jo-jo98 Ciguard, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 3.7/10. Published 2026-05-12.
How severe is CVE-2026-44219?: Low severity. CVSS v3 base score is 3.7 out of 10.