CVE-2026-41256 | jqlang jq up to 1.8.1 JSON Parser null byte or nul character (GHSA-vf2h-chrj-q3fg)

A vulnerability marked as problematic has been reported in jqlang jq up to 1.8.1. The affected element is an unknown function of the component JSON Parser. Performing a manipulation results in improper neutralization of null byte or nul character.

This vulnerability is cataloged as CVE-2026-41256. The attack must be initiated from a local position. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More