CVE-2026-43896 | jqlang jq up to 1.8.1 jv_object_merge_recursive recursion (GHSA-mg96-6h3q-g846)

Inserito da Angelo Barbosa | Mag 11, 2026 | CVE

A vulnerability classified as problematic was found in jqlang jq up to 1.8.1. The affected element is the function jv_object_merge_recursive. Executing a manipulation can lead to uncontrolled recursion.

This vulnerability appears as CVE-2026-43896. The attack requires local access. There is no available exploit.

CVE-2026-43896 | jqlang jq up to 1.8.1 jv_object_merge_recursive recursion (GHSA-mg96-6h3q-g846)

Post correlati

CVE-2025-4800 | MasterStudy LMS Pro Plugin up to 4.7.0 on WordPress stm_lms_add_assignment_attachment unrestricted upload

CVE-2024-1168 | SEOPress Plugin up to 7.9 on WordPress Social Image URL cross site scripting

CVE-2024-27292 | jhpyle docassemble up to 1.4.96 URL name resolution (GHSA-jq57-3w7p-vwvv)

CVE-2024-41674 | ckan up to 2.10.4 package_search information exposure (GHSA-2rqw-cfhc-35fh)