PatchSiren

FasterXML CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH FasterXML CVE published 2026-03-06

CVE-2026-29062

CVE-2026-29062 is a high-severity vulnerability in Jackson-Core, a popular Java library for processing JSON data. The vulnerability allows for a Denial of Service (DoS) attack due to a bypass of the maxNestingDepth constraint in the UTF8DataInputJsonParser and ReaderBasedJsonParser. This can be exploited by supplying a JSON document with excessive nesting, leading to a StackOverflowError. The issue has be [truncated]