PT-2026-32491 · Jq+2

Published 2026-04-13 · Updated 2026-05-24 · CVE-2026-32316

CVSS v2.0: 8.5 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:C
Name of the Vulnerable Software and Affected Versions: jq versions prior to 1.8.2

Description: An integer overflow occurs within the jvp_string_append() and jvp_string_copy_replace_bad() functions when concatenating strings whose combined length exceeds 2^31 bytes. The buffer allocation size is computed in 32-bit unsigned arithmetic, so the sum wraps and an undersized heap buffer is allocated. The subsequent memory copy operations still write the full string data into this buffer, causing a heap-based buffer overflow. The root cause is the absence of bounds checking on string sizes. An attacker can exploit this by crafting queries that produce extremely large strings to crash the process or achieve heap corruption.

Recommendations: Update to a version later than 1.8.1.
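An added illustration of the defect class described above (this is not jq's source, and the toy_string layout and function names are hypothetical): the unchecked 32-bit size computation beside a bounds-checked version that refuses to allocate when the combined length cannot be represented.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Toy string: a 32-bit length followed by the bytes (hypothetical layout,
 * not jq's actual string representation). */
typedef struct {
    uint32_t length;
    char data[];
} toy_string;

/* Vulnerable pattern: the new size is computed in 32-bit arithmetic, so
 * two lengths whose sum reaches 2^32 wrap to a small value, and a later
 * memcpy of length_a + length_b bytes overruns the allocation. */
uint32_t unchecked_concat_size(uint32_t length_a, uint32_t length_b) {
    return length_a + length_b;          /* wraps silently */
}

/* Hardened pattern: fail before allocating if the result would not fit
 * the 32-bit length field (capped at INT32_MAX, since the length is also
 * consumed as a signed int). Returns false on overflow. */
bool checked_concat_size(uint32_t length_a, uint32_t length_b, uint32_t *out) {
    if (length_a > (uint32_t)INT32_MAX ||
        length_b > (uint32_t)INT32_MAX - length_a)
        return false;
    *out = length_a + length_b;
    return true;
}

/* Append b to a with the bounds check in place; returns NULL (no
 * allocation, no copy) when the combined length cannot be represented. */
toy_string *checked_append(const toy_string *a, const char *b, uint32_t len_b) {
    uint32_t total;
    if (!checked_concat_size(a->length, len_b, &total)) return NULL;
    toy_string *r = malloc(sizeof(*r) + (size_t)total);
    if (!r) return NULL;
    r->length = total;
    memcpy(r->data, a->data, a->length);
    memcpy(r->data + a->length, b, len_b);
    return r;
}

/* Would a copy of length_a + length_b bytes fit in an allocation of
 * alloc bytes? Evaluated in 64-bit so the comparison itself cannot wrap. */
bool copy_fits(uint32_t alloc, uint32_t length_a, uint32_t length_b) {
    return (uint64_t)length_a + length_b <= alloc;
}
```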

Fix

Weakness Enumeration

Heap Based Buffer Overflow
Integer Overflow

Related Identifiers

BDU:2026-05376
CVE-2026-32316
ECHO-A148-C5C1-3E42
OESA-2026-1981
OPENSUSE-SU-2026:10850-1
RHSA-2026:8579
USN-8202-1
USN-8202-2

Affected Products

Linuxmint
Ubuntu
Jq