Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: jackson-databind Clear
ID Title
CVE-2026-54512 Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54512)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54512). Successful exploitation can lead to full system takeover. Exploitable via ``PolymorphicTypeValidator``. Mitigation: upgrade to `2.21.4` or later.
CVE-2026-50193 Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-50193)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-50193). Risk of unauthorized operations or information disclosure. Exploitable via ``JsonNode``. Mitigation: upgrade to `2.14.0` or later.
CVE-2026-54518 Authorization Flaw in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54518)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54518). Risk of unauthorized operations or information disclosure. Exploitable via ``d633bc0``. Mitigation: upgrade to `2.21.4` or later.
CVE-2026-54513 Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54513)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54513). Successful exploitation can lead to full system takeover. Exploitable via ``EvilType``. Mitigation: upgrade to `3.1.4` or later.
CVE-2026-54514 SSRF (Server-Side Request Forgery) in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54514)
SSRF in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54514). Risk of unauthorized operations or information disclosure. Exploitable via ``JDKFromStringDeserializer``. Mitigation: upgrade to `3.1.4` or later.
CVE-2026-54515 Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54515)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54515). Risk of unauthorized operations or information disclosure. Exploitable via ``contextual``. Mitigation: upgrade to `2.18.9` or later.
CVE-2026-54516 Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54516)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54516). Risk of unauthorized operations or information disclosure. Exploitable via ``MapperFeature.INFER_PROPERTY_MUTATORS``. Mitigation: upgrade to `3.1.4` or later.
CVE-2026-54517 Authorization Flaw in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54517)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54517). Risk of unauthorized operations or information disclosure. Exploitable via ``true``. Mitigation: upgrade to `3.1.4` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →