Rubyconcurrency Concurrent Ruby — known CVE vulnerabilities
Every CVE whose affected-product data names Rubyconcurrency Concurrent Ruby, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-54906 — CVSS 9.8 (critical): concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLock#release_write_lock does not verify that…
CVE-2026-54904 — CVSS 7.5 (high): concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReference#update can enter a permanent busy retry…
CVE-2026-54905 — CVSS 5.5 (medium): concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write…