1031 matches found
CVE-2026-26006
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The autogpt before 0.6.32 is vulnerable to Regular Expression Denial of Service due to the use of regex at Code Extraction Block. The two Regex are used...
CVE-2026-26006
AutoGPT (significant-gravitas/autogpt) before version 0.6.32 is vulnerable in the Code Extraction Block due to two adjacent quantifiers in regex patterns that can cause catastrophic backtracking with long sequences of spaces, leading to DoS. The fix is to upgrade to 0.6.32. If upgrading is not po...
CVE-2026-26006 ReDoS (Regular Expression Denial of Service) at Code Extraction Block in significant-gravitas/autogpt
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The autogpt before 0.6.32 is vulnerable to Regular Expression Denial of Service due to the use of regex at Code Extraction Block. The two Regex are used...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the matchpattern function due to inefficient processing of the complex regular expressions. An attacker can cause resource exhaustion by supplying specially crafted input that...
UBUNTU-CVE-2025-11175
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blowup. This issue affects Mediawiki - DiscussionTools Extensio...
Kata Containers Code Issues and Vulnerabilities
Kata Containers is an open-source, lightweight virtual infrastructure building tool developed by the Kata Containers community. Versions of Kata Containers prior to 3.26.0 contained code vulnerabilities. These vulnerabilities stemmed from the backtracking of empty directories when handling...
SUSE CVE-2026-23956
seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 0.2.0 through 1.4.0, overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegE...
CVE-2026-23956 seroval affected by Denial of Service via RegExp serialization
seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 0.2.0 through 1.4.0, overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegE...
CVE-2026-23956
CVE-2026-23956 concerns the seroval JavaScript value-stringification library. A flaw in RegExp serialization during deserialization allows memory exhaustion and, in some cases, Regular Expression Denial of Service (ReDoS). Affected versions are 1.4.0 and below; the issue is fixed in 1.4.1. Public...
GHSA-HX9M-JF43-8FFR seroval affected by Denial of Service via RegExp serialization
Overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegExp serialization with patterns that trigger catastrophic backtracking can lead to ReDoS (Regular Expression Denial of Service). Mitigation: Serova...
seroval affected by Denial of Service via RegExp serialization
Overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegExp serialization with patterns that trigger catastrophic backtracking can lead to ReDoS (Regular Expression Denial of Service). Mitigation: Serova...
Regular Expression Denial Of Service (ReDoS)
@modelcontextprotocol/sdk is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is due to inefficiently constructed regular expressions with nested quantifiers in the UriTemplate class, which allows an attacker to supply a crafted URI that triggers catastrophic backtracki...
MiracleLinux 7 : python-2.7.5-94.0.3.el7.AXS7 (AXSA:2024-8926:48)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8926:48 advisory. CVE-2024-6232: fixed regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via...
MiracleLinux 7 : python3-3.6.8-17.el7 (AXSA:2020-630:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-630:02 advisory. python: XSS vulnerability in the documentation XML-RPC server in servertitle field (CVE-2019-16935); python: wrong backtracking in...
MiracleLinux 7 : python-2.7.5-76.0.1.el7.AXS7 (AXSA:2019-3684:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3684:02 advisory. python: DOS via regular expression backtracking in difflib.ISLINEJUNK method in difflib (CVE-2018-1061); python: DOS via regular expression catastrophi...
AJAR: Adaptive Jailbreak Architecture for Red-Teaming
As Large Language Models (LLMs) evolve from static chatbots into autonomous agents capable of tool execution, the landscape of AI safety is shifting from content moderation to action security. However, existing red-teaming frameworks remain bifurcated: they either focus on rigid, script-based text...
CVE-2024-58340
LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service (ReDoS) vulnerability in the MRKLOutputParser.parse method (libs/langchain/langchain/agents/mrkl/outputparser.py). The parser applies a backtracking-prone regular expression when extracting tool actions from...
PYSEC-2026-75
LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service (ReDoS) vulnerability in the MRKLOutputParser.parse method (libs/langchain/langchain/agents/mrkl/outputparser.py). The parser applies a backtracking-prone regular expression when extracting tool actions from...