CVE-2026-52746
Summary
Impact
In JSONata before v2.2.0, it is possible to craft strings that do not match the ISO-8601 validation regex used by the $toMillis function and that cause superlinear backtracking in that regex. Evaluating such an expression consumes CPU time out of proportion to the input length, so applications that evaluate user-provided JSONata expressions are exposed to denial of service.
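The advisory names the weakness but not what a safe replacement looks like. As an added example (written for this page, not code from jsonata or from the linked PRs), the JavaScript below pairs a constructed ISO-8601-flavoured regex that backtracks superlinearly on a crafted non-matching string with a hand-written linear-time validator of the kind a $toMillis-style function can call instead. The regex, the crafted input, the accepted ISO-8601 subset and the MAX_TIMESTAMP_LENGTH bound are all assumptions of the example, not details of the real patch.

```javascript
'use strict';

// Added example for this page; not code from jsonata or from the linked PRs.
// The regex below is constructed to have the same class of defect the advisory
// describes (CWE-1333): a repeated group whose body (\d{2,4} plus an optional
// separator) can consume a digit run in many different ways, so a non-matching
// tail forces the engine to retry every split before it can report failure.
const AMBIGUOUS_ISO_LIKE = /^(\d{2,4}[-:T.]?)+(Z|[+-]\d{2}:?\d{2})?$/;

// Crafted non-matching input: a long digit run followed by a byte that can
// never match, so the anchored regex explores every partition of the run.
function craftInput(n) {
  return '2'.repeat(n) + '!';
}

// Wall-clock time of one test() call in milliseconds. Machine dependent, so it
// is for local inspection only; the growth between consecutive n is the signal.
function timeRegex(re, input) {
  const t0 = performance.now();
  re.test(input);
  return performance.now() - t0;
}

// Assumed upper bound on any timestamp we are willing to look at. Rejecting
// oversized strings before any regex runs caps the work an attacker can cause.
const MAX_TIMESTAMP_LENGTH = 64;

// Linear-time parser for the ISO-8601 subset assumed here:
//   YYYY-MM-DD[THH:MM[:SS[.fraction]]][Z|+HH:MM|-HH:MM]
// Returns milliseconds since the Unix epoch, or null when the input is invalid.
// Every character is inspected at most once; there is no backtracking.
function isoToMillis(str) {
  if (typeof str !== 'string' || str.length > MAX_TIMESTAMP_LENGTH) return null;
  let i = 0;
  const isDigit = (k) => k < str.length && str.charCodeAt(k) >= 48 && str.charCodeAt(k) <= 57;
  // Read exactly `count` digits at the cursor, or return null.
  const digits = (count) => {
    let v = 0;
    for (let k = 0; k < count; k++) {
      if (!isDigit(i + k)) return null;
      v = v * 10 + (str.charCodeAt(i + k) - 48);
    }
    i += count;
    return v;
  };
  const expect = (ch) => { if (str[i] !== ch) return false; i++; return true; };

  const year = digits(4); if (year === null || !expect('-')) return null;
  const month = digits(2); if (month === null || !expect('-')) return null;
  const day = digits(2); if (day === null) return null;
  let hour = 0, minute = 0, second = 0, ms = 0, offsetMin = 0;

  if (expect('T')) {
    hour = digits(2); if (hour === null || !expect(':')) return null;
    minute = digits(2); if (minute === null) return null;
    if (expect(':')) {
      second = digits(2); if (second === null) return null;
      if (expect('.')) {
        const start = i;
        while (isDigit(i)) i++;                  // linear scan of the fraction
        const frac = str.slice(start, i);
        if (frac.length === 0 || frac.length > 9) return null;
        ms = Number((frac + '00').slice(0, 3));  // keep millisecond precision
      }
    }
    if (!expect('Z') && (str[i] === '+' || str[i] === '-')) {
      const sign = str[i] === '+' ? 1 : -1;
      i++;
      const oh = digits(2); if (oh === null) return null;
      expect(':');                               // separator is optional
      const om = digits(2); if (om === null) return null;
      if (oh > 23 || om > 59) return null;
      offsetMin = sign * (oh * 60 + om);
    }
  }
  if (i !== str.length) return null;             // trailing garbage is a hard failure
  if (month < 1 || month > 12 || day < 1 || day > 31) return null;
  if (hour > 23 || minute > 59 || second > 59) return null;

  // Build the instant and reject calendar roll-over (e.g. 2024-02-30), which
  // the Date setters would otherwise silently normalise to March 1.
  const d = new Date(0);
  d.setUTCFullYear(year, month - 1, day);
  d.setUTCHours(hour, minute, second, ms);
  if (d.getUTCMonth() !== month - 1 || d.getUTCDate() !== day) return null;
  return d.getTime() - offsetMin * 60000;
}

// Local demonstration: the ambiguous regex slows down superlinearly with n,
// while the hand-written parser rejects the same inputs after a few characters.
for (const n of [16, 24, 32]) {
  const input = craftInput(n);
  console.log(`n=${n}: regex ${timeRegex(AMBIGUOUS_ISO_LIKE, input).toFixed(3)} ms, ` +
              `parser -> ${isoToMillis(input)}`);
}
```

Run it with node and watch the regex timings grow from one n to the next while the parser result stays null immediately. Two points carry over to any code base with this weakness: the length cap is a cheap first line of defence even where the regex has to stay, and a cursor-based parser gives a hard linear bound that no regex engine with backtracking can promise.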
Patches
The issue is fixed in JSONata version 2.2.0 and later; the fix includes https://github.com/jsonata-js/jsonata/pull/782 and https://github.com/jsonata-js/jsonata/pull/793. Applications that evaluate user-provided expressions should update as soon as possible.
References
https://github.com/jsonata-js/jsonata/releases/tag/v2.2.0
Credit
Thank you to Doruk Tan Öztürk for disclosing this issue.
Common Weakness Enumeration (CWE)
CWE-1333: Inefficient Regular Expression Complexity
Source: GitHub
Advisory ID: GHSA-86vw-mfpg-wwv9
Exploitability score: 3.9
Exploits found: none listed