Main
Vulnerability Database
Exploits
ID:12578 - Exploit for Improper Null Termination in jq - CVE-2026-33948
ID:12578 - Exploit for Improper Null Termination in jq - CVE-2026-33948
Published: April 13, 2026
Vulnerability identifier: #VU125839
Vulnerability risk: Medium
CVE-ID: CVE-2026-33948
CWE-ID: CWE-170
Exploitation vector: Remote access
Vulnerable software:
jq
jq
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to embedded-NUL truncation in jq CLI JSON input path. A remote attacker can cause validation bypass on the system.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.