9286 matches found

Tenable Nessus
added 2026/04/21 12:00 a.m., 6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012989)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012989 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in __nft_expr_type_get(). nft_unregister_expr() can concurrent...

CVSS: 7, AI score: 6.7, EPSS: 0.00215
Exploits: 0, References: 3
CVE
added 2026/04/20 8:07 p.m., 24 views

CVE-2026-32613

Spinnaker is affected by a security issue in its use of Spring Expression Language (SPeL) where, in versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, the SPeL context was not restricted to trusted classes, allowing FULL JVM access. This enables a user to invoke arbitrary Java classes,...

CVSS: 9.9, AI score: 5.9, EPSS: 0.00553
Exploits: 0, References: 5, Affected Software: 1
Cvelist
added 2026/04/20 8:07 p.m., 29 views

CVE-2026-32613 Spinnaker vulnerable to RCE via expression parsing due to unrestricted context handling

Spinnaker is an open source, multi-cloud continuous delivery platform. Echo, like some other services, uses SPeL (Spring Expression Language) to process information, specifically around expected artifacts. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, unlike orca, it was NOT...

CVSS: 9.9, EPSS: 0.00553
Exploits: 0, References: 4
CVE
added 2026/04/20 7:10 a.m., 10 views

CVE-2026-41282

Summary: CVE-2026-41282 affects ProjectDiscovery Nuclei prior to 3.8.0, where DSL expression injection is possible when using -env-vars for multi-step templates against untrusted targets in a non-default configuration. The Red Hat advisory describes a flaw enabling DSL injection that could lead to unau...

CVSS: 7.5, AI score: 5.8, EPSS: 0.0025
Exploits: 0, References: 5, Affected Software: 1
Redos
added 2026/04/20 12:00 a.m., 4 views

ROS-20260420-73-0038

Vulnerability in nodejs-minimatch related to the use of regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS: 8.7, AI score: 6.6, EPSS: 0.00519
Exploits: 1
CNNVD
added 2026/04/20 12:00 a.m., 7 views

Nuclei security vulnerability

Nuclei is a fast, customizable vulnerability scanner based on simple YAML, open-sourced by ProjectDiscovery. Versions of Nuclei prior to 3.8.0 have security vulnerabilities, which stem from DSL expression injection and may affect the use of multi-step templates...

CVSS: 7.5, AI score: 5.8, EPSS: 0.0025
Exploits: 0, References: 2
Veracode
added 2026/04/18 5:37 a.m., 9 views

Giskard Has A Regular Expression Denial Of Service (ReDoS) In RegexMatching Check

Summary: The RegexMatching check in the "giskard-checks" package passes a user-supplied regular expression pattern directly to Python's re.search without any timeout, complexity guard, or pattern validation. An attacker who can control the regex pattern or the text being matched can craft inputs...

CVSS: 5.5, AI score: 6, EPSS: 0.00149
Exploits: 0, Affected Software: 1
Cvelist
added 2026/04/17 5:16 p.m., 32 views

CVE-2026-40319 Giskard has a Regular Expression Denial of Service (ReDoS) in RegexMatching Check

Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes a user-supplied regular expression pattern directly to Python's re.search without any timeout or complexity guard. A crafted regex pattern can trigger catastrophic backtracking,...

CVSS: 1, EPSS: 0.00149
Exploits: 0, References: 2
Vulnrichment
added 2026/04/17 5:16 p.m., 3 views

CVE-2026-40319 Giskard has a Regular Expression Denial of Service (ReDoS) in RegexMatching Check

Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes a user-supplied regular expression pattern directly to Python's re.search without any timeout or complexity guard. A crafted regex pattern can trigger catastrophic backtracking,...

CVSS: 1, AI score: 5.8, EPSS: 0.00149
Exploits: 0, References: 2
CVE
added 2026/04/17 5:16 p.m., 6 views

CVE-2026-40319

CVE-2026-40319 affects Giskard's giskard-checks RegexMatching, where a user-supplied regex pattern is passed to Python's re.search() without a timeout or complexity guard in versions prior to 1.0.2b1. This can cause catastrophic backtracking (ReDoS) and potentially hang the process. Exploitation ...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00149
Exploits: 0, References: 2, Affected Software: 1
GithubExploit
added 2026/04/17 9:36 a.m., 126 views

Exploit for CVE-2026-39842

CVE-2026-39842: OpenRemote Expression Injection RCE in Rules E...

CVSS: 9.9, AI score: 6.8, EPSS: 0.00924
Exploits: 2
Veracode
added 2026/04/17 8:17 a.m., 9 views

Regular Expression Denial Of Service

fast-jwt is vulnerable to Regular Expression Denial of Service. The vulnerability is due to the library allowing regular expressions in claim validation, where a crafted JWT can trigger catastrophic backtracking in the JavaScript regex engine, resulting in significant CPU consumption during...

CVSS: 6.5, AI score: 5.7, EPSS: 0.00262
Exploits: 1, References: 4, Affected Software: 1
Redos
added 2026/04/17 12:00 a.m., 6 views

ROS-20260417-73-0021

Vulnerability in python-PyPDF2 related to the use of regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS: 6.9, AI score: 5.8, EPSS: 0.00391
Exploits: 0
CNNVD
added 2026/04/17 12:00 a.m., 7 views

thymeleaf security vulnerability

Thymeleaf is an open-source Java template engine developed by the Thymeleaf project. Versions of Thymeleaf 3.1.3.RELEASE and earlier contain security vulnerabilities. These vulnerabilities stem from a security bypass in the expression execution mechanism; certain syntax patterns are not properly...

CVSS: 9, AI score: 6.1, EPSS: 0.00584
Exploits: 0, References: 1
CNNVD
added 2026/04/17 12:00 a.m., 8 views

thymeleaf security vulnerability

Thymeleaf is an open-source Java template engine developed by the Thymeleaf project. Versions of Thymeleaf 3.1.3.RELEASE and earlier contain security vulnerabilities. These vulnerabilities stem from a security bypass in the expression execution mechanism; access to certain objects is not properly...

CVSS: 9, AI score: 5.9, EPSS: 0.00649
Exploits: 0, References: 1
Tenable Nessus
added 2026/04/17 12:00 a.m., 5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007270)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007270 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in __nft_expr_type_get(). nft_unregister_expr() can concurrent...

CVSS: 7, AI score: 6.4, EPSS: 0.00215
Exploits: 0, References: 3
Github Security Blog
added 2026/04/16 10:40 p.m., 8 views

Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher: Unauthenticated Access to Protected Endpoints

Summary: The authenticated middleware uses unanchored regular expressions to match public no-auth endpoint patterns against ctx.request.url. Since ctx.request.url in Koa includes the query string, an attacker can access any protected endpoint by appending a public endpoint path as a query paramete...

CVSS: 9.1, AI score: 5.9, EPSS: 0.00445
Exploits: 1, References: 3, Affected Software: 1
Github Security Blog
added 2026/04/16 10:38 p.m., 7 views

Unsafe object property setter in mathjs

Impact: This security vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the mathjs expression parser. Patches: The issue was introduced in mathjs v13.1.1, an...

CVSS: 8.8, AI score: 5.9, EPSS: 0.0045
Exploits: 0, References: 5, Affected Software: 1
OSV
added 2026/04/16 10:38 p.m., 8 views

GHSA-29QV-4J9F-FJW5 Unsafe object property setter in mathjs

Impact: This security vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the mathjs expression parser. Patches: The issue was introduced in mathjs v13.1.1, an...

CVSS: 8.8, AI score: 5.9, EPSS: 0.0045
Exploits: 0, References: 5
OSV
added 2026/04/16 9:31 p.m., 5 views

GHSA-VP6R-9M58-5XV8 OmniFaces: EL injection via crafted resource name in wildcard CDN mapping

Impact: Server-side EL injection leading to Remote Code Execution (RCE). Affects applications that use CDNResourceHandler with a wildcard CDN mapping, e.g. libraryName:=https://cdn.example.com/. An attacker can craft a resource request URL containing an EL expression in the resource name, which is...

CVSS: 8.1, AI score: 5.9, EPSS: 0.00382
Exploits: 0, References: 3