jqlang

Top products

The 15 most recently published vulnerabilities affecting jqlang.

• CVE-2026-43896jq: Stack Overflow in Recursive Object Merge6.2May 11, 2026
• CVE-2026-43895jq: Embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts4.4May 11, 2026
• CVE-2026-44777jq: stack overflow in module loading on mutual `include`5.5May 11, 2026
• CVE-2026-43894jq: Wild stack write via signed-integer overflow in decNumber D2U() macro6.2May 11, 2026
• CVE-2026-41256jq: Embedded NUL truncates top-level jq programs loaded with -f5.5May 11, 2026
• CVE-2026-40612jq: Stack overflow via unbounded recursion in jv_contains5.5May 11, 2026
• CVE-2026-41257jq: Signed-int overflow in `stack_reallocate` (jq VM stack)5.5May 11, 2026
• CVE-2026-33948jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input5.3Apr 13, 2026
• CVE-2026-40164jq: Algorithmic complexity DoS via hardcoded MurmurHash3 seed7.5Apr 13, 2026
• CVE-2026-39979jq: Out-of-Bounds Read in jv_parse_sized() Error Formatting for Non-NUL-Terminated Counted Buffers6.5Apr 13, 2026
• CVE-2026-39956jq: Missing runtime type checks for _strindices lead to crash and limited memory disclosure6.1Apr 13, 2026
• CVE-2026-33947jq: Unbounded Recursion in jv_setpath(), jv_getpath() and delpaths_sorted()6.2Apr 13, 2026
• CVE-2026-32316jq: Integer overflow in jvp_string_append() allows Heap-based Buffer Overflow8.2Apr 13, 2026
• CVE-2025-9403jqlang jq JSON jq_test.c run_jq_tests assertion3.3Aug 25, 2025
• CVE-2025-49014jq heap use after free vulnerability in f_strflocaltime5.3Jun 19, 2025