Lucene search
K

214 matches found

Cvelist
Cvelist
added 2026/01/12 11:5 p.m.21 views

CVE-2024-58340 LangChain <= 0.3.1 MRKLOutputParser ReDoS

LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service ReDoS vulnerability in the MRKLOutputParser.parse method libs/langchain/langchain/agents/mrkl/outputparser.py. The parser applies a backtracking-prone regular expression when extracting tool actions from...

8.7CVSS0.0041EPSS
Exploits1References4
OSV
OSV
added 2026/01/12 11:5 p.m.5 views

CVE-2024-58340 LangChain <= 0.3.1 MRKLOutputParser ReDoS

LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service ReDoS vulnerability in the MRKLOutputParser.parse method libs/langchain/langchain/agents/mrkl/outputparser.py. The parser applies a backtracking-prone regular expression when extracting tool actions from...

8.7CVSS6.1AI score0.0041EPSS
Exploits1References6
OSV
OSV
added 2026/01/07 6:15 p.m.4 views

CVE-2026-0668

Inefficient Regular Expression Complexity vulnerability in Wikimedia Foundation MediaWiki - VisualData Extension allows Regular Expression Exponential Blowup.This issue affects MediaWiki - VisualData Extension: 1.45...

5.3CVSS5.8AI score0.0041EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/23 3:22 p.m.9 views

Security Bulletin: Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL.

Summary There are multiple vulnerabilities in IBM® Db2® 11.5 used by IBM® Db2® Big SQL 7 on IBM Cloud Pak for Data 4.7 and earlier. Vulnerability Details CVEID:CVE-2015-8383 DESCRIPTION: PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a deni...

9.8CVSS9.8AI score0.07059EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/22 12:0 a.m.7 views

PT-2026-22035

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.10.1 n8n versions prior to 2.9.3 n8n versions prior to 1.123.22 Description n8n, an open source workflow automation platform, contains a critical Remote Code Execution RCE issue in its workflow expression evaluation...

9.9CVSS7.8AI score0.1016EPSS
Exploits0References41
OSV
OSV
added 2025/12/03 9:5 a.m.9 views

RLSA-2023:2654 Moderate: nodejs:18 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 18.14.2. Security Fixes: glob-parent: Regular Expression Denial of Service...

8.6CVSS7.5AI score0.02209EPSS
Exploits5References9
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/01 9:44 a.m.8 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-3933.

Summary IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-3933. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-3933 DESCRIPTION: A Regular Expression Deni...

5.3CVSS6.6AI score0.00431EPSS
Exploits1Affected Software1
Snyk
Snyk
added 2025/11/26 2:42 a.m.2 views

Regular Expression Denial of Service (ReDoS)

Overview valibot is a The modular and type safe schema library for validating structural data Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the EMOJIREGEX. An attacker can cause excessive CPU consumption and disrupt application availability by...

8.7CVSS6.5AI score0.00289EPSS
Exploits0References2
NVD
NVD
added 2025/11/26 2:15 a.m.38 views

CVE-2025-66020

Valibot helps validate data using a schema. In versions from 0.31.0 to 1.1.0, the EMOJIREGEX used in the emoji action is vulnerable to a Regular Expression Denial of Service ReDoS attack. A short, maliciously crafted string e.g., 100 characters can cause the regex engine to consume excessive CPU...

7.5CVSS0.00289EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/26 1:49 a.m.1 views

CVE-2025-66020 Valibot has a ReDoS vulnerability in `EMOJI_REGEX`

Valibot helps validate data using a schema. In versions from 0.31.0 to 1.1.0, the EMOJIREGEX used in the emoji action is vulnerable to a Regular Expression Denial of Service ReDoS attack. A short, maliciously crafted string e.g., 100 characters can cause the regex engine to consume excessive CPU...

7.5CVSS6.5AI score0.00289EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/13 3:7 p.m.4 views

CVE-2025-62484 Zoom Workplace Clients - Inefficient Regular Expression Complexity

Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access...

8.1CVSS6.9AI score0.00294EPSS
Exploits0References1
OSV
OSV
added 2025/10/28 8:38 p.m.3 views

GHSA-7F5H-V6XP-FCQ8 Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse``

Summary An unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enables CPU exhaustion per request, causing denial‑of‑service for endpoints serving files e.g., StaticFiles or any use of...

7.5CVSS6.5AI score0.00638EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-0512

Malware in sbrugna...

5CVSS7.3AI score0.03584EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-15246

Malware in sbrugna...

7.5CVSS7.7AI score0.03647EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4753

Malware in sbrugna...

4CVSS7.6AI score0.03844EPSS
Exploits1References62
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2011-1945

Malware in sbrugna...

4.3CVSS6.1AI score0.02462EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2013-7186

Malware in sbrugna...

7.5CVSS7.4AI score0.03045EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-0256

Malware in sbrugna...

7.5CVSS7.6AI score0.01584EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-6960

Malware in sbrugna...

5CVSS6AI score0.03235EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2006-0642

Malware in sbrugna...

4.6CVSS6.3AI score0.00342EPSS
Exploits0References3
Rows per page
Query Builder