Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Fri, 10 Jul 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat
Redhat hummingbird |
|
| Weaknesses | CWE-1333 | |
| CPEs | cpe:/a:redhat:hummingbird:1 | |
| Vendors & Products |
Redhat
Redhat hummingbird |
|
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Thu, 09 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 08 Jul 2026 17:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Nodeca
Nodeca js-yaml |
|
| Vendors & Products |
Nodeca
Nodeca js-yaml |
Wed, 08 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.0, when merge keys are enabled, js-yaml can spend quadratic CPU time parsing a document whose size grows only linearly when a chain of mappings uses merge keys where each mapping merges the previous one. This issue is fixed in version 5.2.0. | |
| Title | js-yaml: YAML merge-key chains can force quadratic CPU consumption | |
| Weaknesses | CWE-407 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-09T13:42:54.035Z
Reserved: 2026-07-07T15:41:53.607Z
Link: CVE-2026-59868
Updated: 2026-07-09T13:42:46.163Z
No data.
OpenCVE Enrichment
Updated: 2026-07-15T14:15:15Z