ROOT-APP-NPM-CVE-2026-4926 CVE-2026-4926 in @rootio/path-to-regexp - Patched by Root

Root has patched CVE-2026-4926 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update (Important) (RHSA-2026:24761)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24761 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in path-to-regexp

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in path-to-regexp. CVE-2026-4923, CVE-2026-4926 The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-4923 DESCRIPTION: Impact: When using multiple...

CLEANSTART-2026-BE61221 Security fixes for CVE-2025-62718, CVE-2025-69873, CVE-2026-29045, CVE-2026-29085, CVE-2026-29086, CVE-2026-29087, CVE-2026-2950, CVE-2026-30827, CVE-2026-33750, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-33916, CVE-2026-33937, CVE-2026-34043, CVE-2026-35213, CVE-2026-39406, CVE-2026-39407, CVE-2026-39408, CVE-2026-39409, CVE-2026-39410, CVE-2026-40175, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044, CVE-2026-42264, CVE-2026-42338, CVE-2026-44455, CVE-2026-44456, CVE-2026-44457, CVE-2026-44458, CVE-2026-44459, CVE-2026-4800, CVE-2026-4923, CVE-2026-4926, CVE-2026-6321, CVE-2026-6322, ghsa-2328-f5f3-gj25, ghsa-26pp-8wgv-hjvm, ghsa-27v5-c462-wpq7, ghsa-2g4f-4pwh-qvx6, ghsa-2qvq-rjwj-gvw9, ghsa-2w6w-674q-4c4q, ghsa-39q2-94rc-95cp, ghsa-3mfm-83xf-c92r, ghsa-3p68-rc4w-qgx5, ghsa-3v7f-55p6-f55p, ghsa-3w6x-2g7m-8v23, ghsa-442j-39wm-28r2, ghsa-445q-vr5w-6q77, ghsa-458j-xx4x-4375, ghsa-46wh-pxpv-q5gq, ghsa-5c6j-r48x-rmvq, ghsa-5c9x-8gcm-mpgx, ghsa-5m6q-g25r-mvwx, ghsa-5pq2-9x2x-5p6w, ghsa-62hf-57xw-28j9, ghsa-69xw-7hcm-h432, ghsa-6chq-wfr3-2hj9, ghsa-7rx3-28cr-v5wh, ghsa-92pp-h63x-v22m, ghsa-9cx6-37pm-9jff, ghsa-9vqf-7f2p-gf9v, ghsa-c2c7-rcm5-vvqj, ghsa-crv5-9vww-q3g8, ghsa-f23m-r3pf-42rh, ghsa-f886-m6hf-6m8v, ghsa-fvcv-3m26-pcqx, ghsa-h7mw-gpvr-xq4m, ghsa-j3q9-mxjg-w52f, ghsa-jg4p-7fhp-p32p, ghsa-m7pr-hjqh-92cm, ghsa-p6xx-57qc-3wxr, ghsa-p77w-8qqv-26rm, ghsa-pf86-5x62-jrwf, ghsa-pmwg-cvhr-8vh7, ghsa-ppp5-5v6c-4jwp, ghsa-q3j6-qgpj-74h6, ghsa-q5qw-h33p-qvwr, ghsa-q67f-28xg-22rw, ghsa-q8qp-cvcw-x6jj, ghsa-qj8w-gfj5-8c6v, ghsa-qp7p-654g-cw7p, ghsa-r4q5-vmmm-2653, ghsa-r5fr-rjxr-66jc, ghsa-r5rp-j6wh-rvv4, ghsa-v2v4-37r5-5v8g, ghsa-v39h-62p7-jpjc, ghsa-v8w9-8mx6-g223, ghsa-v9jr-rg53-9pgp, ghsa-vf2m-468p-8v99, ghsa-w9j2-pvgh-6h63, ghsa-wc8c-qw6v-h7f6, ghsa-wmmm-f939-6g9c, ghsa-xf4j-xp2r-rqqx, ghsa-xhjh-pmcv-23jw, ghsa-xhpv-hc6g-r9c6, ghsa-xjpj-3mr7-gcpf, ghsa-xpcf-pg52-r92g, ghsa-xx6v-rp6x-q39c applied in versions: 2.19.5-r0

Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-4926 vulnerabilities

Vulnerabilities for packages: tileserver-gl, saf, langfuse, code-server, thingsboard, vitess...

CVE-2026-4926 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, saf, vitess, tileserver-gl, gemini-cli, redisinsight, thingsboard, langfuse-fips, code-server, langfuse, wazuh-dashboard, tileserver-gl-fips, opensearch-dashboards-fips, kibana...

07-calito-router (>=0.0.2 <=0.0.4), 07-dey-router (>=0.0.1 <=0.0.2) +991 more potentially affected by CVE-2026-4926 via path-to-regexp (>=8.0.0 <=8.3.0)

path-to-regexp NPM version =8.0.0, =0.0.2, =0.0.1, =0.0.0, =0.0.1, =0.0.1, =0.0.0, =0.0.1, =0.0.2, =0.0.1-alpha.2, =0.0.1-alpha.1, =4.0.61, =4.0.61, =0.0.1, =0.3.1, =0.3.4 and more Source cves: CVE-2026-4926 Source advisory: OSV:GHSA-J3Q9-MXJG-W52F...

org.webjars.npm:chai-backbone (=0.9.2), org.webjars.npm:express (=5.1.0) +5 more potentially affected by CVE-2026-4926 via org.webjars.npm:path-to-regexp (=8.2.0)

org.webjars.npm:path-to-regexp MAVEN version =8.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:path-to-regexp and may be impacted: - org.webjars.npm:chai-backbone =0.9.2 - org.webjars.npm:express =5.1.0 -...

07-calito-router (>=0.0.2 <=0.0.4), 07-dey-router (>=0.0.1 <=0.0.2) +991 more potentially affected by CVE-2026-4926 via path-to-regexp (>=8.0.0 <=8.3.0)

path-to-regexp NPM version =8.0.0, =0.0.2, =0.0.1, =0.0.0, =0.0.1, =0.0.1, =0.0.0, =0.0.1, =0.0.2, =0.0.1-alpha.2, =0.0.1-alpha.1, =4.0.61, =4.0.61, =0.0.1, =0.3.1, =0.3.4 and more Source cves: CVE-2026-4926 Source advisory: SNYK:JS-PATHTOREGEXP-15789763...

CVE-2026-4926

creationtimestamp| type| source ---|---|--- 2026-03-26 18:55:29+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3mhybqr5nz227 2026-03-26 20:03:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhyfjwhnel27 2026-03-26 21:01:16+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-4926

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: A bad regular expression is generated any time you have multiple sequential optional groups curly brace syntax, such as abc:z. The generated regex grows...