A vulnerability marked as problematic has been reported in ruby-concurrency concurrent-ruby up to 1.3.6. This affects the function Float::NAN. Performing a manipulation results in infinite loop.

This vulnerability was named CVE-2026-54904. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.