CVE-2026-45205

ADVISORY - github

Summary

Uncontrolled Recursion vulnerability in Apache Commons.

When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0.

Users are recommended to upgrade to version 2.15.0, which fixes the issue.

EPSS Score⁠: 0.00098 (0.266)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-674⁠

Uncontrolled Recursion

ADVISORY - github

CWE-674⁠

Uncontrolled Recursion

Impacted images

Advisories

NIST

CREATED

6 days ago

UPDATED

5 days ago

ADVISORY IDCVE-2026-45205⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-674⁠

CVSS SCORE

5.3medium

GitHub

CREATED

6 days ago

UPDATED

2 hours ago

ADVISORY IDGHSA-337m-mw94-2v6g⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-674⁠

CVSS SCORE

5.3medium

Debian

CREATED

6 days ago

UPDATED

6 hours ago

ADVISORY IDCVE-2026-45205⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow