Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/05/25 10:48 a.m.13 views

CVE-2026-33079

A flaw was found in Mistune, a Markdown parser. This vulnerability, known as Regular Expression Denial of Service ReDoS, exists in the LINKTITLERE regular expression. A remote attacker can exploit this by providing specially crafted Markdown input, which causes the regular expression engine to...

8.7CVSS5.8AI score0.00481EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/08 2:22 a.m.14 views

SUSE CVE-2026-33079

In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS Regular Expression Denial of Service vulnerability in LINKTITLERE that allows an attacker who can supply Markdown for parsing to cause denial of service. The regular expression used for parsing link titles contains overlapping...

7.5CVSS5.8AI score0.00481EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/06 5:25 p.m.5 views

CVE-2026-33079

In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS Regular Expression Denial of Service vulnerability in LINKTITLERE that allows an attacker who can supply Markdown for parsing to cause denial of service. The regular expression used for parsing link titles contains overlapping...

8.7CVSS5.8AI score0.00481EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 5:25 p.m.8 views

CVE-2026-33079

In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS Regular Expression Denial of Service vulnerability in LINKTITLERE that allows an attacker who can supply Markdown for parsing to cause denial of service. The regular expression used for parsing link titles contains overlapping...

8.7CVSS5.8AI score0.00481EPSS
Exploits0
Snyk
Snyk
added 2026/05/06 4:52 p.m.8 views

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the LINKTITLERE regular expression in Markdown parsing. An attacker can cause excessive resource consumption and make the application unresponsive by submitting specially crafted Markdo...

8.7CVSS5.8AI score0.00481EPSS
Exploits0References2
OSV
OSV
added 2026/05/06 4:52 p.m.5 views

GHSA-8MP2-V27R-99XP Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input

Summary A ReDoS Regular Expression Denial of Service vulnerability in LINKTITLERE allows an attacker who can supply Markdown for parsing to cause denial of service. A crafted 58-byte Markdown document blocks the parser for approximately 6 seconds measured on Apple M2, Python 3.14.3, with...

8.7CVSS6AI score0.00481EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/06 4:52 p.m.8 views

Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input

Summary A ReDoS Regular Expression Denial of Service vulnerability in LINKTITLERE allows an attacker who can supply Markdown for parsing to cause denial of service. A crafted 58-byte Markdown document blocks the parser for approximately 6 seconds measured on Apple M2, Python 3.14.3, with...

8.7CVSS6AI score0.00481EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-38088

Name of the Vulnerable Software and Affected Versions Mistune versions 3.0.0a1 through 3.2.0 Description A Regular Expression Denial of Service ReDoS exists in the LINK TITLE RE regular expression. An attacker can provide specially crafted Markdown for parsing that triggers catastrophic...

8.7CVSS5.7AI score0.00481EPSS
Exploits0References19
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.14 views

mistune 安全漏洞

Mistune is a fast and powerful Python Markdown parser developed by Hsiaoming Yang. Versions of Mistune from 3.0.0a1 to 3.2.0 contain security vulnerabilities. These vulnerabilities stem from a denial-of-service attack involving regular expressions in LINKTITLERE, which could allow attackers to...

8.7CVSS5.8AI score0.00481EPSS
Exploits0References2
Rows per page
Query Builder