CVE-2026-23736 — seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, due to improper input validation, a malicious object key can — CVE Database · The Intelligence Room