{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T21:18:48.982","vulnerabilities":[{"cve":{"id":"CVE-2026-23957","sourceIdentifier":"security-advisories@github.com","published":"2026-01-22T02:15:52.470","lastModified":"2026-04-06T13:51:20.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0\nand below, overriding encoded array lengths by replacing them with an excessively large value causes the deserialization process to significantly increase processing time. This issue has been fixed in version 1.4.1."},{"lang":"es","value":"seroval facilita la serialización de valores JS, incluyendo estructuras complejas más allá de las capacidades de JSON.stringify. En las versiones 1.4.0 e inferiores, la anulación de las longitudes de arrays codificados al reemplazarlas con un valor excesivamente grande provoca que el proceso de deserialización aumente significativamente el tiempo de procesamiento. Este problema ha sido solucionado en la versión 1.4.1."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lxsmnsyc:seroval:*:*:*:*:*:node.js:*:*","versionEndExcluding":"1.4.1","matchCriteriaId":"85760E40-9AB1-40EB-98A1-D1A4411AAFC5"}]}]}],"references":[{"url":"https://github.com/lxsmnsyc/seroval/commit/ce9408ebc87312fcad345a73c172212f2a798060","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/lxsmnsyc/seroval/security/advisories/GHSA-66fc-rw6m-c2q6","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]}]}}]}