CVE-2026-41726 — When an application opts into DelegatingDeserializer, a producer can grow the consumer's heap without bound by sending records with unique random spring.kafka.serialization.selector header values, eve — CVE Database · The Intelligence Room