What Was Disclosed
GitHub published advisory GHSA-9rfg-v8g9-9367 for CVE-2026-42462, a high-severity issue in the npm package @fedify/fedify. The advisory lists versions before 2.2.3 as affected and 2.2.3 as the patched version.
Fedify's 2.2.3 changelog and release notes say the release fixed a Linked Data Signature verification issue that could let certain signed activities be interpreted differently than intended. The advisory was published in the Fedify repository on May 20, 2026 and added to the GitHub Advisory Database on May 26, 2026.
Why Shape and Graph Can Diverge
The vulnerable boundary was not ordinary JSON syntax. The advisory explains that Linked Data Signatures were checked over a canonical RDF graph representation, while application behavior still depended on the incoming JSON-LD tree shape. JSON-LD can express the same graph through different object structures, so a signature can stay valid while the payload shape changes.
GitHub's advisory calls out JSON-LD features including @graph, @reverse, and @included. Those features can move or hide fields from the tree shape many ActivityPub implementations inspect, while preserving the graph representation used for signature verification.
The Validation Boundary Lesson
For JSON-adjacent security checks, this is the same lesson seen in parser interoperability issues: a payload must be validated in the same representation that the application will consume. Syntax validity, pretty printing, canonical graph equivalence, and business-rule interpretation are separate checks.
That distinction matters for browser-based developer tools. A local JSON formatter or diff tool can keep pasted data private and can make risky structures visible, but it should not imply that a signed JSON-LD document is safe for a specific ActivityPub or Linked Data workflow unless it applies that workflow's exact compaction, rejection, and verification rules.
Guidance for Developers
Projects using @fedify/fedify should upgrade to 2.2.3 or later. The advisory recommends rejecting @graph, @included, and @reverse after compacting incoming activities to the application's local context, because aliases can otherwise hide those keywords.
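As an added example (not Fedify's own code), the following JavaScript check walks an incoming activity and rejects @graph, @included and @reverse; it also resolves keyword aliases declared in an inline @context so the constructed sample shows how an alias would hide @graph from a naive key comparison. The sample activity, the `items` alias and the `acceptActivity` helper are assumptions for this illustration; in a real pipeline the check runs after compaction to the local context, as the advisory recommends.

```javascript
// Added example, not Fedify's code: reject JSON-LD keywords that move fields
// out of the tree shape the application inspects. The alias resolution below
// is only for the inline-context case; compaction to a fixed local context
// is the recommended way to strip such aliases before this check runs.
const FORBIDDEN = new Set(["@graph", "@included", "@reverse"]);

// Collect term -> keyword aliases from an (inline) @context value.
function keywordAliases(context) {
  const aliases = new Map();
  const entries = Array.isArray(context) ? context : [context];
  for (const entry of entries) {
    if (entry === null || typeof entry !== "object") continue; // IRI or null
    for (const [term, def] of Object.entries(entry)) {
      const target = typeof def === "string" ? def : def && def["@id"];
      if (typeof target === "string" && FORBIDDEN.has(target)) aliases.set(term, target);
    }
  }
  return aliases;
}

// Walk the tree and return the paths where a forbidden keyword or alias appears.
function findForbiddenKeys(node, aliases = new Map(), path = "$") {
  const hits = [];
  if (Array.isArray(node)) {
    node.forEach((item, i) => hits.push(...findForbiddenKeys(item, aliases, `${path}[${i}]`)));
    return hits;
  }
  if (node === null || typeof node !== "object") return hits;
  // A nested @context may introduce aliases scoped to this subtree.
  const scoped = "@context" in node
    ? new Map([...aliases, ...keywordAliases(node["@context"])])
    : aliases;
  for (const [key, value] of Object.entries(node)) {
    if (FORBIDDEN.has(key)) hits.push(`${path}.${key}`);
    else if (scoped.has(key)) hits.push(`${path}.${key} (alias for ${scoped.get(key)})`);
    if (key !== "@context") hits.push(...findForbiddenKeys(value, scoped, `${path}.${key}`));
  }
  return hits;
}

// Hypothetical gate: accept only activities with none of the forbidden keys.
function acceptActivity(doc) {
  const hits = findForbiddenKeys(doc);
  return { ok: hits.length === 0, hits };
}

// Constructed sample: the top level looks like an ordinary Create, but an
// inline context aliases "@graph" to "items" and hides a node inside it.
const sample = {
  "@context": ["https://www.w3.org/ns/activitystreams", { "items": "@graph" }],
  "type": "Create",
  "actor": "https://example.org/users/alice",
  "items": [{ "type": "Note", "content": "hidden node" }]
};
console.log(acceptActivity(sample));
```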
More generally, tool authors should be explicit about the trust boundary they cover. Formatters, repair tools, and validators can confirm that bytes form JSON and can help inspect suspicious structures locally, but signature, authorization, and replay checks need to run against the exact normalized form the application will act on.