RubyGems: Server-side ReDoS via user-controlled regex in OIDC Access Policy

The OIDC Access Policy implementation evaluated user-supplied regular expressions against JWT claim values using Ruby's Regexp engine without any timeout or complexity validation. The vulnerable code path was Regexp.newvalue.match?claimvalue, where value was fully user-controlled and claimvalue w...

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.0.1 Vulnerability Details CVEID:CVE-2023-39804 DESCRIPTION: In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVSS Source: IBM X-Force CVSS Base...

Exploit for Expression Language Injection in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

No d...

GHSA-6CQR-8CFR-67F8 n8n Has Expression Escape Vulnerability Leading to RCE

Impact Additional exploits in the expression evaluation of n8n have been identified and patched following CVE-2025-68613. An authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on th...

Regular Expression Denial of Service (ReDoS)

Overview apollo-server is a Production ready GraphQL Server Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the startStandaloneServer function. An attacker can cause the server to become unresponsive by sending specially crafted request bodies wi...

Regular Expression Denial of Service (ReDoS)

Overview @apollo/server is a spec-compliant GraphQL server that's compatible with any GraphQL client, including Apollo Client. Successor to apollo-server-core, et al. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the startStandaloneServer...

CVE-2026-25049 n8n Has an Expression Escape Vulnerability Leading to RCE

n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. This issue h...

CVE-2026-25049

CVE-2026-25049 affects n8n open-source workflow automation. An authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. The issue is addressed in versions 1.123.1...

CVE-2026-25049 n8n Has an Expression Escape Vulnerability Leading to RCE

n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. This issue h...

CVE-2026-25155

Qwik is a performance focused javascript framework. Prior to version 1.12.0, a typo in the regular expression within isContentType causes incorrect parsing of certain Content-Type headers. This issue has been patched in version 1.12.0...

Atlassian Jira Service Management Data Center and Server 11.3.x < 11.3.1 (JSDSERVER-16496)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16496 advisory. - Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service...

Security Bulletin: Vulnerability in minimatch-3.0.4.tgz affects IBM Db2 Data Management Console(CVE-2022-3517)

Summary minimatch-3.0.4.tgz open source library is used by IBM Db2 Data Management Console . This bulletin describes the upgrades necessary to address the vulnerability. Vulnerability Details CVEID:CVE-2022-3517 DESCRIPTION: minimatch is vulnerable to a denial of service, caused by a regular...

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.3.0 Vulnerability Details CVEID:CVE-2025-64512 DESCRIPTION: Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to...

CVE-2025-11175

Improper Neutralization of Special Elements used in an Expression Language Statement 'Expression Language Injection' vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blowup.This issue affects Mediawiki - DiscussionTools Extensio...

EUVD-2020-30929

AirControl 1.4.2 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through malicious Java expression injection. Attackers can exploit the /.seam endpoint by crafting a specially constructed URL with embedde...

CVE-2020-37052

AirControl 1.4.2 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through malicious Java expression injection. Attackers can exploit the /.seam endpoint by crafting a specially constructed URL with embedde...

Exploit for Improper Input Validation in N8N

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenti...

CVE-2020-37052

AirControl 1.4.2 is affected by a pre‑authentication remote code execution vulnerability. An unauthenticated attacker can exploit the /.seam (and /seam) endpoint by crafting URLs with embedded Java expressions to execute arbitrary system commands with the application's privileges. Root cause is J...

CVE-2020-37052 AirControl 1.4.2 - PreAuth Remote Code Execution

AirControl 1.4.2 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through malicious Java expression injection. Attackers can exploit the /.seam endpoint by crafting a specially constructed URL with embedde...

CVE-2020-37052

AirControl 1.4.2 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through malicious Java expression injection. Attackers can exploit the /.seam endpoint by crafting a specially constructed URL with embedde...