Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the escapeandappend function in the document-builder API when processing very large input strings on platforms with limited sizet width. An attacker can cause out-of-bounds memory reads, potentially...

CVE-2026-8295

A flaw was found in simdjson, a JSON parsing library. An integer overflow vulnerability in the document-builder API, specifically within the stringbuilder::escapeandappend function, can occur when processing very large input strings on systems with limited sizet width, such as 32-bit builds. This...

CVE-2026-8295

An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "stringbuilder::escapeandappend" when processing very large input strings on platforms with limited "sizet" width e.g., 32-bit builds. The overflow can cause insufficient buffer...

CVE-2026-8295 Integer overflow in simdjson

An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "stringbuilder::escapeandappend" when processing very large input strings on platforms with limited "sizet" width e.g., 32-bit builds. The overflow can cause insufficient buffer...

CVE-2026-8295

The CVE-2026-8295 issue affects simdjson’s document-builder API, specifically the string_builder::escape_and_append() path. An integer overflow can occur when processing very large input strings on platforms with limited size_t width (e.g., 32-bit builds), causing insufficient buffer allocation a...