CVE-2026-34043
mediumCVSS v3 Base Score
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.0%
Exploitation probability in 30 days
Top 95% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Confidentiality
None
Integrity
None
Availability
High
Published: March 31, 2026 (101 days ago)
Last Modified: March 31, 2026
Vendor: Red Hat
Fix Available: ✓ Yes
Source: REDHAT
Vulnerability Report
Generated by CyberWatcher
Description
Serialize JavaScript to a superset of JSON that includes regular expressions and functions. Prior to version 7.0.5, there is a Denial of Service (DoS) vulnerability caused by CPU exhaustion. When serializing a specially crafted "array-like" object (an object that inherits from Array.prototype but has a very large length property), the process enters an intensive loop that consumes 100% CPU and hangs indefinitely. This issue has been patched in version 7.0.5.
CWE
CWE-835Affected Products
Cryostat 4Gatekeeper 3Logging Subsystem for Red Hat OpenShiftNetwork Observability OperatorNode HealthCheck OperatorRed Hat 3scale API Management Platform 2Red Hat AMQ Broker 7Red Hat Ansible Automation Platform 2Red Hat build of Apache Camel - HawtIO 4Red Hat build of Apicurio Registry 2