CVE-2026-41257

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...

PT-2026-39711

Name of the Vulnerable Software and Affected Versions jq versions prior to 1.8.2 Description The bytecode VM's data stack tracks its allocation size using a signed integer. When the stack grows beyond approximately 1 GiB through deeply nested generator forks, the doubling arithmetic overflows. Th...