Mageia: Security Advisory (MGASA-2026-0090)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

python311-Pygments-2.20.0-2.1 on GA media (moderate)

python311-Pygments-2.20.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10476-1 Rating: moderate Cross-References: CVE-2026-4539 CVSS scores: CVE-2026-4539 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability ca...

OPENSUSE-SU-2026:10476-1 python311-Pygments-2.20.0-2.1 on GA media

These are all security issues fixed in the python311-Pygments-2.20.0-2.1 package on the GA media of openSUSE Tumbleweed...

GHSA-5239-WWWM-4PMQ vulnerabilities

Vulnerabilities for packages: py3.14-pygments, reflex, jupyter-base-notebook, semgrep, tensorflow-cpu-jupyter, mycli, ggshield, kserve, az, py3-pygments, superset, open-webui, neuvector-manager, airflow, dask-kubernetes...

CVE-2026-4539 vulnerabilities

Vulnerabilities for packages: py3.14-pygments, reflex, jupyter-base-notebook, semgrep, tensorflow-cpu-jupyter, mycli, ggshield, kserve, az, py3-pygments, superset, open-webui, neuvector-manager, airflow, dask-kubernetes...

GHSA-5239-WWWM-4PMQ vulnerabilities

Vulnerabilities for packages: superset, pgadmin4, py3-pygments, neuvector-manager, airflow, request-1276, ansible-operator-fips, tensorflow-gpu-jupyter, mycli, label-studio, awx, datahub-ingestion, opal, az, ggshield, localstack, apache-beam-python-3.13-sdk, airflow-core, dask-kubernetes,...

CVE-2026-4539 vulnerabilities

Vulnerabilities for packages: superset, pgadmin4, py3-pygments, neuvector-manager, airflow, request-1276, ansible-operator-fips, tensorflow-gpu-jupyter, mycli, label-studio, awx, datahub-ingestion, opal, az, ggshield, localstack, apache-beam-python-3.13-sdk, airflow-core, dask-kubernetes,...

SUSE CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

CVE-2026-4539

A flaw was found in pygments. A local user can exploit this vulnerability by providing specially crafted input to the AdlLexer function, which leads to inefficient regular expression processing. This can result in a Denial of Service DoS, making the application unresponsive...

a-mailx (=0.1.0), a2grunnerp (>=0.1.0 <=0.1.8) +1641 more potentially affected by CVE-2026-4539 via pygments (>=2.0.2 <=2.1.3)

pygments PYPI version =2.0.2, =0.1.0, =0.1.0, =0.0.2, =2.0.0.1, =0.1.2, =0.0.1, =0.3.4, =0.4.0, =0.0.6, =0.1.0, =0.1.2 and more Source cves: CVE-2026-4539 Source advisory: SNYK:PYTHON-PYGMENTS-15746419...

a-mailx (=0.1.0), a2grunnerp (>=0.1.0 <=0.1.8) +1647 more potentially affected by CVE-2026-4539 via pygments (>=1.6.0 <=2.1.3)

pygments PYPI version =1.6.0, =0.1.0, =0.1.0, =0.0.2, =2.0.0.1, =0.1.2, =0.0.1, =0.3.4, =0.4.0, =0.0.6, =0.1.0, =0.1.2 and more Source cves: CVE-2026-4539 Source advisory: OSV:GHSA-5239-WWWM-4PMQ...

Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching

A security flaw has been discovered in pygments before 2.20.0. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been release...

GHSA-5239-WWWM-4PMQ Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching

A security flaw has been discovered in pygments before 2.20.0. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been release...

CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

UBUNTU-CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

CVE-2026-4539

CVE-2026-4539 affects the Pygments project, specifically the AdlLexer in pygments/lexers/archetype.py up to version 2.19.2. The issue stems from an inefficient regular expression construct in the AdlLexer, enabling a local-access DoS/slowdown scenario. Publicly released exploit material exists, a...

CVE-2026-4539 pygments archetype.py AdlLexer redos

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...