Home > Vulnerability Database > CVE-2025-9403

Mend.io Vulnerability Database

CVE-2025-9403

Good to know:

Date: August 24, 2025

A vulnerability was determined in jqlang jq up to 1.6. Impacted is the function run_jq_tests of the file jq_test.c of the component JSON Parser. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Other versions might be affected as well.

Severity Score

5.5

Related Resources (8)

Url: https://vuldb.com/?submit.633170

Url: https://drive.google.com/file/d/1r8m9PhU_rk-QPj6OMcs415FcvWPD-zJY/view?usp=sharing

Url: https://github.com/jqlang/jq/issues/3393

Url: https://vuldb.com/?id.321239

Url: https://vuldb.com/?ctiid.321239

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-9403

Url: https://security-tracker.debian.org/tracker/CVE-2025-9403

Url: https://www.mend.io/vulnerability-database/CVE-2025-9403

Severity Score

5.5

Weakness Type (CWE)

Reachable Assertion

CWE-617

Top Fix

Upgrade Version

Upgrade to version https://github.com/jqlang/jq.git - no_fix

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-9403

Good to know:

Date: August 24, 2025

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?