CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.3CVSS5.4AI score0.00142EPSS

CVE-2026-41257 affecting package jq for versions less than 1.7.1-6

CVE-2026-41257 affecting package jq for versions less than 1.7.1-6. A patched version of the package is available...

6.8CVSS5.4AI score0.00161EPSS

CVE-2026-44777 affecting package jq for versions less than 1.7.1-6

CVE-2026-44777 affecting package jq for versions less than 1.7.1-6. A patched version of the package is available...

5.5CVSS5.4AI score0.00158EPSS

CVE-2026-41256 affecting package jq for versions less than 1.7.1-6

CVE-2026-41256 affecting package jq for versions less than 1.7.1-6. A patched version of the package is available...

6.8CVSS5.4AI score0.00161EPSS

CVE-2026-40612 affecting package jq for versions less than 1.7.1-6

CVE-2026-40612 affecting package jq for versions less than 1.7.1-6. A patched version of the package is available...

6.2CVSS5.4AI score0.00154EPSS

CVE-2026-43896 affecting package jq for versions less than 1.7.1-6

CVE-2026-43896 affecting package jq for versions less than 1.7.1-6. A patched version of the package is available...

Rockylinux•added 2026/05/29 4:3 p.m.•10 views

jq security update

An update is available for jq. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list jq is a lightweight and flexible command-line JSON processor. jq is like sed for...

OSV•added 2026/05/29 4:3 p.m.•11 views

RLSA-2026:19151 Important: jq security update

jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: out-of-bounds read in...

8.2CVSS5.8AI score0.00314EPSS

Tenable Nessus•added 2026/05/29 12:0 a.m.•8 views

RockyLinux 10 : jq (RLSA-2026:19151)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19151 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON...

Tenable Nessus•added 2026/05/25 12:0 a.m.•11 views

Exploits1References5

Alibaba Cloud Linux 3 : 0115: jq (ALINUX3-SA-2026:0115)

The remote Alibaba Cloud Linux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0115 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-39979: A flaw was found in jq, a...

7.5CVSS5.9AI score0.00314EPSS

RedHat Linux•added 2026/05/19 10:19 p.m.•10 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

Tenable Nessus•added 2026/05/19 12:0 a.m.•7 views

RHEL 10 : jq (RHSA-2026:19151)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19151 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

7.5CVSS5.9AI score0.00314EPSS

Tenable Nessus•added 2026/05/19 12:0 a.m.•11 views

RHEL 9 : jq (RHSA-2026:19365)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19365 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

7.5CVSS5.9AI score0.00314EPSS

AlmaLinux•added 2026/05/19 12:0 a.m.•9 views

Important: jq security update

RedHat Linux•added 2026/05/18 12:28 p.m.•10 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

RedHat Linux•added 2026/05/18 12:16 p.m.•11 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

RedHat Linux•added 2026/05/18 12:10 p.m.•8 views

jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers

A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...

6.9CVSS5.8AI score0.00314EPSS

RedHat Linux•added 2026/05/18 12:6 p.m.•10 views

Important: Red Hat Security Advisory: jq security update

An update for jq is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

RedHat Linux•added 2026/05/18 12:6 p.m.•10 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

RedHat Linux•added 2026/05/18 12:6 p.m.•8 views

Important: Red Hat Security Advisory: jq security update

An update for jq is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...