CVE-2026-32316 | jqlang jq up to 1.8.1 jvp_string_append/jvp_string_copy_replace_bad heap-based overflow (GHSA-q3h9-m34w-h76f)

A vulnerability was found in jqlang jq up to 1.8.1. It has been rated as critical. Affected by this vulnerability is the function jvp_string_append/jvp_string_copy_replace_bad. The manipulation leads to heap-based buffer overflow.

This vulnerability is listed as CVE-2026-32316. The attack may be initiated remotely. There is no available exploit.

To fix this issue, it is recommended to deploy a patch.VulDB Recent EntriesRead More