Lucene search
K

The vulnerability of the minimatch library on the Node.js software platform lies in the use of a regular expression with inefficient computational complexity, which allows attackers to trigger a service failure.

🗓️ 25 May 2026 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 2 Views

Vulnerability in minimatch for Node.js uses an inefficient regular expression, risking remote service interruptions.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: A vulnerability in the minimatch package affects IBM® Db2® Big SQL on IBM Cloud Pak for Data.
15 May 202614:43
ibm
IBM Security Bulletins
Security Bulletin: IBM Maximo Application Suite - IoT Component uses multiple third party dependencies which is vulnerable to multiple CVEs.
1 Apr 202607:22
ibm
IBM Security Bulletins
Security Bulletin: DevOps Test Performance contains a potential denial of service (DoS) vulnerability
10 Apr 202613:04
ibm
IBM Security Bulletins
Security Bulletin: IBM Edge Data Collector uses minimatch-3.1.2.tgz which is vulnerable to CVE-2026-26996, CVE-2026-27903, CVE-2026-27904
1 May 202611:55
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability in minimatch affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
22 Jun 202613:47
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM Engineering AI hub.
6 May 202608:24
ibm
IBM Security Bulletins
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses minimatch-3.1.2.tgz, minimatch-7.4.6.tgz, minimatch-9.0.5.tgz which is vulnerable to CVE-2026-26996, CVE-2026-27903, CVE-2026-27904.
1 May 202611:55
ibm
IBM Security Bulletins
Security Bulletin: IBM Maximo Scheduler Optimizer uses minimatch-3.1.2.tgz which is vulnerable to CVE-2026-26996, CVE-2026-27903, CVE-2026-27904
7 May 202613:49
ibm
IBM Security Bulletins
Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in minimatch (CVE-2026-26996, CVE-2026-27903, CVE-2026-27904)
31 May 202613:40
ibm
IBM Security Bulletins
Security Bulletin: IBM Event Streams is affected by multiple vulnerabilities
30 Jun 202612:14
ibm
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

06 Jul 2026 00:00Current
6.5Medium risk
Vulners AI Score6.5
CVSS 37.5
CVSS 27.8
EPSS0.00519
2