CVE-2026-4539

CVE-2026-4539 affects the Pygments project, specifically the AdlLexer in pygments/lexers/archetype.py up to version 2.19.2. The issue stems from an inefficient regular expression construct in the AdlLexer, enabling a local-access DoS/slowdown scenario. Publicly released exploit material exists, a...

CVE-2026-22178

CVE-2026-22178 concerns OpenClaw. Vulnerability arises when versions prior to 2026.2.19 construct RegExp objects directly from unescaped Feishu mention metadata inside stripBotMention(), enabling regex injection and potential ReDoS. Attackers can craft nested-quantifier patterns or metacharacters...

Security Bulletin: Inefficient Regular Expression Complexity (ReDoS) Vulnerability in nth-check affect IBM watsonx.data

Summary nth-check is vulnerable to Inefficient Regular Expression Complexity. These can affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2021-3803 DESCRIPTION: nth-check is vulnerable to Inefficient Regular Expression Complexity CWE:CWE-1333: Inefficient Regular Expression Complexity CVSS...

GHSA-P2M9-WCP5-6QW3 multipart vulnerable to ReDoS in `parse_options_header()`

Summary The parseoptionsheader function in multipart.py uses a regular expression with an ambiguous alternation, which can cause exponential backtracking ReDoS when parsing maliciously crafted HTTP or multipart segment headers. This can be abused for denial of service DoS attacks against web...

CVE-2026-28356 ReDoS in multipart 1.3.0 - `parse_options_header()`

multipart is a fast multipart/form-data parser for python. Prior to 1.2.2, 1.3.1 and 1.4.0-dev, the parseoptionsheader function in multipart.py uses a regular expression with an ambiguous alternation, which can cause exponential backtracking ReDoS when parsing maliciously crafted HTTP or multipar...

Elysia has a string URL format ReDoS

Impact t.String format: 'url' is vulnerable to redos Repeating a partial url format protocol and hostname multiple times cause regex to slow down significantly js 'http://a'.repeatn Here's a table demonstrating how long it takes to process repeated partial url format | n repeat | elapsedms | | --...

GHSA-F45G-68Q3-5W8X Elysia has a string URL format ReDoS

Impact t.String format: 'url' is vulnerable to redos Repeating a partial url format protocol and hostname multiple times cause regex to slow down significantly js 'http://a'.repeatn Here's a table demonstrating how long it takes to process repeated partial url format | n repeat | elapsedms | | --...

CVE-2026-30837 Elysia has a string URL format redos

Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation and client-server communication. Prior to 1.4.26 , t.String format: 'url' is vulnerable to ReDoS. Repeating a partial url format protocol and hostname multiple times cause regex to slow down...

EUVD-2026-10861

Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation and client-server communication. Prior to 1.4.26 , t.String format: 'url' is vulnerable to ReDoS. Repeating a partial url format protocol and hostname multiple times cause regex to slow down...

CVE-2026-30837

Elysia (TypeScript framework) prior to v1.4.26 is affected by a ReDoS in t.String({ format: 'url' }) where repeating a partial URL format (protocol/hostname) makes the regex slow, potentially causing DoS. The issue is fixed in v1.4.26. Affected component: the URL string format validation function...

PT-2026-24422

Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation and client-server communication. Prior to 1.4.26 , t.String format: 'url' is vulnerable to ReDoS. Repeating a partial url format protocol and hostname multiple times cause regex to slow down...

PT-2026-24625

Impact t.String format: 'url' is vulnerable to redos Repeating a partial url format protocol and hostname multiple times cause regex to slow down significantly js 'http://a'.repeatn Here's a table demonstrating how long it takes to process repeated partial url format | n repeat | elapsed ms | | -...

OpenClaw has ReDoS and regex injection via unescaped Feishu mention metadata in RegExp construction

Summary extensions/feishu/src/bot.ts constructed new RegExp directly from Feishu mention metadata mention.name, mention.key in stripBotMention without escaping regex metacharacters. Affected Packages / Versions - Package: npm openclaw - Affected versions: = 2026.2.17 - First affected release:...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service (CVE-2026-2327)

Summary Node.js module markdown-it is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to regular expression denial of service ReDoS. This bulletin provides...

PT-2026-26009

Summary extensions/feishu/src/bot.ts constructed new RegExp directly from Feishu mention metadata mention.name, mention.key in stripBotMention without escaping regex metacharacters. Affected Packages / Versions - Package: npm openclaw - Affected versions: = 2026.2.17 - First affected release:...

CVE-2026-3293 snowflakedb snowflake-jdbc JDBC URL SdkProxyRoutePlanner.java SdkProxyRoutePlanner redos

A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts...

CVE-2026-27903 minimatch has a ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, matchOne performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent GLOBSTAR...

CVE-2026-27903

The CVE concerns minimatch prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, where matchOne() can backtrack unboundedly when a glob includes multiple non-adjacent GLOBSTAR segments. This causes exponential-like time complexity (O(C(n, k))) and can stall the Node.js eve...

Linux Distros Unpatched Vulnerability : CVE-2026-26996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular...

Atlassian Confluence 8.5.x < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.2.3 / 10.2.6 (CONFSERVER-102185)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-102185 advisory. - Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrust...