tools.jackson.core:jackson-databind (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package tools.jackson.core:jackson-databind, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2026-54513 — CVSS 8.1 (high): jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until…
CVE-2026-54512 — CVSS 8.1 (high): jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until…
CVE-2026-54518 — CVSS 6.5 (medium): jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until…
CVE-2026-54517 — CVSS 5.3 (medium): jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until…
CVE-2026-54515 — CVSS 5.3 (medium): jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until…
CVE-2026-54514 — CVSS 5.3 (medium): jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until…
CVE-2026-54516 — CVSS 5.3 (medium): jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until…