CVE-2026-24006
- EPSS 0.03%
- Veröffentlicht 22.01.2026 02:32:31
- Zuletzt bearbeitet 27.02.2026 14:44:36
Seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, serialization of objects with extreme depth can exceed the maximum call stack limit. In version 1.4.1, Seroval...
CVE-2026-23957
- EPSS 0.09%
- Veröffentlicht 22.01.2026 01:26:53
- Zuletzt bearbeitet 27.02.2026 14:49:42
seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, overriding encoded array lengths by replacing them with an excessively large value causes the deserialization ...
CVE-2026-23956
- EPSS 0.03%
- Veröffentlicht 22.01.2026 01:23:58
- Zuletzt bearbeitet 27.02.2026 19:33:23
seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during des...
CVE-2026-23737
- EPSS 0.24%
- Veröffentlicht 21.01.2026 23:09:34
- Zuletzt bearbeitet 27.02.2026 19:31:57
seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, improper input handling in the JSON deserialization component can lead to arbitrary JavaScript code execution....
CVE-2026-23736
- EPSS 0.2%
- Veröffentlicht 21.01.2026 23:01:10
- Zuletzt bearbeitet 27.02.2026 19:36:50
seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, due to improper input validation, a malicious object key can lead to prototype pollution during JSON deseriali...