5 matches found

ATTACKERKB
added 2026/03/22 5:35 a.m., 6 views

CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

CVSS 4.8, AI score 5.4, EPSS 0.00156
Exploits: 0, References: 5
IBM Security Bulletins
added 2023/12/04 10:40 a.m., 24 views

Security Bulletin: IBM Cinder plug-in is affected by a vulnerability in the Python Pygments-2.14.0 package [CVE-2022-40896]

Summary: The Python Pygments package, a syntax highlighting package, is used by IBM Cinder plug-in. Pygments-2.14.0 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expressions in SqlJinjaLexer class (CVE-2022-40896). Vulnerability Detail...

CVSS 5.5, AI score 5.6, EPSS 0.00503
Exploits: 1, Affected Software: 1
OSV
added 2023/07/19 3:15 p.m., 1 views

UBUNTU-CVE-2022-40896

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

CVSS 5.5, AI score 6.4, EPSS 0.00503
Exploits: 1, References: 6
RedHat Linux
added 2021/11/09 5:42 p.m., 1 views

python-pygments: ReDoS in multiple lexers

A denial of service attack was discovered against pygments. Some of the regular expressions used to tokenise source code for highlighting have exponential complexity. A specially crafted input file could cause pygments to take effectively infinite time to parse, consuming CPU resources and denyin...

CVSS 7.5, AI score 7.4, EPSS 0.03832
Exploits: 1, References: 4
BDU FSTEC
added 2021/06/23 12:0 a.m., 5 views

The vulnerability of the SMLLexer function in the Pygments library allows a hacker to trigger a service failure.

The vulnerability of the SMLLexer function in the Pygments library is related to an infinite loop due to input. Exploiting this vulnerability could allow a malicious actor to cause service failure remotely...

CVSS 7.5, AI score 7, EPSS 0.02707
Exploits: 0, References: 14, Affected Software: 6