HIGH
lxsmnsyc
CVE published 2026-01-22
CVE-2026-23956
CVE-2026-23956 is a high-severity vulnerability in Seroval, a JavaScript library for serializing complex values beyond JSON.stringify capabilities. The issue affects versions 0.2.0 through 1.4.0 and was published on January 22, 2026, with a subsequent modification on May 20, 2026. The vulnerability stems from improper handling of user-controlled RegExp serialization, enabling two distinct attack vectors: [truncated]