CVE-2026-59889 | FasterXML jackson-databind up to 3.2.0 UnwrappedPropertyHandler UnwrappedPropertyHandler.processUnwrapped view deserialization

SecurityVulns

A vulnerability, which was classified as critical, was found in FasterXML jackson-databind up to 2.18.8/2.21.4/2.22.0/3.1.4/3.2.0. Impacted is the function UnwrappedPropertyHandler.processUnwrapped of the component UnwrappedPropertyHandler. The manipulation of the argument view results in deserialization.

This vulnerability is cataloged as CVE-2026-59889. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More