High7.5Red Hat & Ubuntu Linux Updated
Denial of Service via crafted YAML ordered-map document
CVE-2026-59870 Published Jul 8, 2026Updated by vendor Jul 8, 2026
CVE-2026-59870
Affected products & platforms
Red Hat & Ubuntu LinuxUnclassified
Summary
Denial of Service via crafted YAML ordered-map document. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Mitigation checklist
Recommended fix / mitigation
- Avoid using the YAML11_SCHEMA when parsing untrusted YAML input, or upgrade to js-yaml 5.2.1 or later. Applications using the default schema (CORE_SCHEMA) are not affected.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.