Stats Digest Feeds
โ† Back to all CVEs

CVE-2026-52746

HIGH NVD
CVSS Score 7.5
Severity HIGH
Published Jul 17, 2026
Vendor unknown

Description

JSONata is a JSON query and transformation language. Prior to 2.2.0, malicious non-matching inputs to the $toMillis function can cause superlinear backtracking in the ISO-8601 validation regex, leading to denial of service in applications that evaluate user-provided JSONata expressions. This issue is fixed in version 2.2.0.

References