PT-2026-37315 · Ciguard · Ciguard

Published 2026-05-05 · Updated 2026-05-12 · CVE-2026-44219

CVSS v3.1: 3.7 (Low)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions: ciguard versions 0.6.0 through 0.8.1

Description: Both SCA HTTP clients, in src/ciguard/analyzer/sca/osv.py and src/ciguard/analyzer/sca/endoflife.py, call json.loads() on the response body without a maximum-bytes cap, so the whole body is read into memory before it is parsed. A hostile or compromised server, or a successful TLS Man-in-the-Middle (MITM) attack, could return an excessively large response, leading to memory exhaustion and causing the process to be killed by the operating system (OOM kill) or resulting in system swap thrashing. This is particularly critical when the software runs in CI environments with limited memory budgets.

Recommendations: Update ciguard to version 0.8.2.


Weakness Enumeration

Allocation of Resources Without Limits

Related Identifiers

CVE-2026-44219
GHSA-XW8C-RRVX-F7XQ

Affected Products

Ciguard