CVE-2026-48042 | envoyproxy envoy up to 1.35.10/1.36.6/1.37.2/1.38.0 JSON Object excessively deep nesting (GHSA-f24p-rxw2-g6pv)

SecurityVulns

A vulnerability was found in envoyproxy envoy up to 1.35.10/1.36.6/1.37.2/1.38.0 and classified as problematic. The affected element is an unknown function of the component JSON Object Handler. Such manipulation leads to excessively deep nesting.

This vulnerability is documented as CVE-2026-48042. The attack can be executed remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More