CVE-2026-43896: Unbounded Recursive Merge
Unbounded recursion detected in a generic merge or recursive function. This can lead to stack exhaustion (CWE-674) if processing attacker-controlled nested structures. Pass a depth/level parameter and abort if it exceeds a maximal threshold.
Provally CuratedPublic repositoryMediumMedium confidenceVerifiedApache-2.0
Cβ
Cβgreprules fetch cve-2026-43896-unbounded-recursive-merge --engine opengrepDescription
Unbounded recursion detected in a generic merge or recursive function. This can lead to stack exhaustion (CWE-674) if processing attacker-controlled nested structures. Pass a depth/level parameter and abort if it exceeds a maximal threshold.
Community feedback
0 signals from signed-in users.
- Useful
- 0
- False positive
- 0
- Metadata
- 0