245 matches found
CVE-2026-4296
An incorrect regular expression vulnerability was identified in GitHub Enterprise Server that allowed an attacker to bypass OAuth redirect URI validation. An attacker with knowledge of a first-party OAuth application's registered callback URL could craft a malicious authorization link that, when...
Linux Distros Unpatched Vulnerability : CVE-2026-9496
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service DoS via the addGitSha function. An attacker can exploit this vulnerability by...
PT-2026-45886
A weakness has been identified in johnhuang316 code-index-mcp up to 2.14.0. Affected is the function is safe regex pattern of the component search code advanced. Executing a manipulation of the argument regex can lead to inefficient regular expression complexity. It is possible to launch the atta...
CVE-2026-10291 Enderfga claw-orchestrator Session Grep Endpoint embedded-server.ts validateRegex redos
A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the component Session Grep Endpoint. The manipulation of the argument body.pattern leads to inefficient...
USN-8343-1 multipart vulnerability
It was discovered that multipart had an ambiguous regular expression alternation when handling certain HTTP header values. A remote attacker could possibly use this issue to cause multipart to use excessive resources, leading to a denial of service...
SUSE CVE-2026-9496
Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service DoS via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function's regex replacement and string-manipulation logic, causing...
PT-2026-43458
Summary The strip html filter in liquidjs is intended to remove HTML tags from a string before rendering, and is widely used as an XSS sanitizer. The implementation uses a regex whose catch-all branch does not match line terminators, so any HTML tag containing a or r character passes through...
Astra Linux - уязвимость в libonig
A NULL pointer dereference in the matchat function in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause a denial of service by providing a crafted regular expression. Oniguruma vulnerabilities often affect Ruby, as well as common optional libraries used in PHP and Rust...
Astra Linux - уязвимость в libonig
A use-after-free in the onignewdeluxe function in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regular expression pattern and a...
Astra Linux - уязвимость в thunderbird, firefox
Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log did not account for external URLs. As a result, data could potentially be exfiltrated from the browser. This vulnerability affects Firefox 109, Firefox ESR 102.7, and Thunderbird...
Astra Linux - уязвимость в mako
Sqlalchemy mako before version 1.2.2 is vulnerable to Regular Expression Denial of Service when using the Lexer class for parsing. This vulnerability also affects babelplugin and linguaplugin...
HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint
All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The FHIRPath functions matches, matchesFull, and replaceMatches pass user-controlled regular expressions directly to Java's Pattern.compile and String.replaceAll without...
GHSA-9RMH-MM8F-R9H6 Svelte: ReDoS in `<svelte:element>` Tag Validation
An internal regex in the Svelte runtime can take exponential time to test in . You are only vulnerable to this if you allow tags of unconstrained length. If your application only allows a predetermined list of tags or trims their length before passing them to svelte:element, you are safe...
CVE-2026-2300 BJ Lazy Load <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom HTML Block
The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filterimages function in all versions up to, and including, 1.0.9. This is due to the use of regex-based HTML processing pregreplace that does not properly handle HTML attribute boundaries when replacing sr...
CVE-2026-2300 BJ Lazy Load <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom HTML Block
The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filterimages function in all versions up to, and including, 1.0.9. This is due to the use of regex-based HTML processing pregreplace that does not properly handle HTML attribute boundaries when replacing sr...
Unity Linux 20.1060e / 20.1070e Security Update: rubygem-actionpack (UTSA-2026-017610)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017610 advisory. The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action...
CVE-2025-65122
Regex Denial of Service in youtube-regex npm package through version 1.0.5...
Unity Linux 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-016521)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016521 advisory. An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data...
CVE-2025-65122
Regex Denial of Service in youtube-regex npm package through version 1.0.5...
CVE-2025-65122
CVE-2025-65122 affects the youtube-regex npm package up to version 1.0.5. The NVD entry documents a Regex Denial of Service vulnerability with CVSS v3.1 base score 7.5 (attack: NETWORK, impact: HIGH on availability; confidentiality and integrity not affected; no user interaction; no privileges re...