CVE-2026-52746

ADVISORY - github

Summary

Impact

In JSONata versions before 2.2.0, it is possible to craft non-matching inputs to the $toMillis function that cause superlinear backtracking in the ISO-8601 validation regex. This may lead to denial of service in applications that evaluate user-provided JSONata expressions.

Patches

This issue has been addressed in JSONata version 2.2.0 and later via fixes that include https://github.com/jsonata-js/jsonata/pull/782 and https://github.com/jsonata-js/jsonata/pull/793. Applications that evaluate user-provided expressions should update as soon as possible to prevent exploitation.

References

https://github.com/jsonata-js/jsonata/releases/tag/v2.2.0

Credit

Thank you to Doruk Tan Öztürk for disclosing this issue.

Common Weakness Enumeration (CWE)

Inefficient Regular Expression Complexity

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

-

CVSS SCORE

7.5 (High)