CVE-2025-66020
Valibot helps validate data using a schema. In versions from 0.31.0 to 1.1.0, the EMOJIREGEX used in the emoji action is vulnerable to a Regular Expression Denial of Service ReDoS attack. A short, maliciously crafted string e.g., 100 characters can cause the regex engine to consume excessive CPU...