CVE-2026-54517 | FasterXML jackson-databind up to 2.21.3/3.1.3 SetterlessProperty.isMerging authorization (GHSA-5hh8-q8hv-fr38)

Inserito da Angelo Barbosa | Giu 23, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in FasterXML jackson-databind up to 2.21.3/3.1.3. This vulnerability affects the function SetterlessProperty.isMerging. Performing a manipulation results in incorrect authorization.

This vulnerability is identified as CVE-2026-54517. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-54517 | FasterXML jackson-databind up to 2.21.3/3.1.3 SetterlessProperty.isMerging authorization (GHSA-5hh8-q8hv-fr38)

Post correlati

CVE-2024-2913 | mintplex-labs anything-llm User Invite toctou

CVE-2023-47415 | Cypress CTM-200 up to 2.7.1.5600 cli_text os command injection

CVE-2023-6623 | Essential Blocks Plugin up to 4.4.2 on WordPress REST API path traversal

CVE-2024-47239 | Dell PowerScale OneFS up to 9.4.0.19/9.5.1.1/9.7.1.2/9.9.0.0 resource consumption (dsa-2024-480)