CVE-2026-59870
CVE-2026-59870 affects js-yaml prior to 5.2.1. The YAML11_SCHEMA’s handling of the !!omap tag in omap.ts performs a linear duplicate-key scan on each insertion, causing O(n^2) CPU usage when yaml.load() parses crafted ordered-map documents. Red Hat and NVD entries confirm this results in CPU-inte...