CVE-2026-42328 | ipld go–prime up to 0.22.x DAG-JSON Decoder recursion

A vulnerability, which was classified as problematic, has been found in ipld go–prime up to 0.22.x. Affected by this vulnerability is an unknown functionality of the component DAG-JSON Decoder. Performing a manipulation results in uncontrolled recursion.

This vulnerability is known as CVE-2026-42328. Attacking locally is a requirement. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More