UltraJSON (ujson) versions prior to 5.12.1 contain a memory leak vulnerability in the `ujson.dump()` function. When writing to a file-like object, if the underlying write operation raises an exception, the serialized JSON string object is not properly decremented, causing memory to leak. The leaked memory equals the full size of the serialized payload for each failed write operation. This vulnerability is [truncated]
CVE-2026-32875 is a high-severity vulnerability in UltraJSON, a fast JSON encoder and decoder for Python. The vulnerability affects versions 5.10 through 5.11.0 and can lead to a buffer overflow or infinite loop through large indent handling. The issue arises when the product of the indent parameter and the nested depth of the input exceeds INT32_MAX, causing the Python interpreter to crash or get stuck i [truncated]