Lucene search
K

667 matches found

ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-56017

JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...

7.5CVSS5.8AI score0.00488EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 12:17 a.m.3 views

DEBIAN-CVE-2026-39951

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...

8.8CVSS5.9AI score0.00221EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 12:17 a.m.8 views

CVE-2026-39951

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...

8.8CVSS0.00221EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 12:17 a.m.2 views

UBUNTU-CVE-2026-39951

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...

8.8CVSS5.8AI score0.00221EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 11:14 p.m.32 views

CVE-2026-39951 Cacti: Stored SQL Injection via graph_name_regexp in Reports feature

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...

7.6CVSS0.00221EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/24 11:14 p.m.4 views

CVE-2026-39951

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...

8.8CVSS5.9AI score0.00221EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/24 10:49 p.m.17 views

CVE-2026-39955 Cacti has Pre-Authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have pre-authentication SQL Injection via unanchored FILTERVALIDATEREGEXP in graphview.php. This issue has been fixed in version 1.2.31...

9.8CVSS0.00315EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 5:33 a.m.5 views

ROOT-APP-NPM-CVE-2024-45296 CVE-2024-45296 in @rootio/path-to-regexp - Patched by Root

Root has patched CVE-2024-45296 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...

7.5CVSS7.3AI score0.00932EPSS
Exploits0
OSV
OSV
added 2026/06/24 5:33 a.m.3 views

ROOT-APP-NPM-CVE-2026-4867 CVE-2026-4867 in @rootio/path-to-regexp - Patched by Root

Root has patched CVE-2026-4867 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...

7.5CVSS5.9AI score0.00496EPSS
Exploits0
OSV
OSV
added 2026/06/24 5:33 a.m.2 views

ROOT-APP-NPM-CVE-2024-52798 CVE-2024-52798 in @rootio/path-to-regexp - Patched by Root

Root has patched CVE-2024-52798 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...

8.7CVSS5.4AI score0.00792EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When calling JS::CheckRegExpSyntax, a syntax error may be set, resulting in the call to convertToRuntimeErrorAndClear. A path within the function might attempt to allocate memory when no memory is available, causing a newly created Out of Memory exception to be misinterpreted as a syntax error...

6.5CVSS6.6AI score0.00528EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 5:46 a.m.7 views

ROOT-APP-NPM-CVE-2026-4923 CVE-2026-4923 in @rootio/path-to-regexp - Patched by Root

Root has patched CVE-2026-4923 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...

5.9CVSS6.2AI score0.00353EPSS
Exploits0
OSV
OSV
added 2026/06/17 5:46 a.m.16 views

ROOT-APP-NPM-CVE-2026-4926 CVE-2026-4926 in @rootio/path-to-regexp - Patched by Root

Root has patched CVE-2026-4926 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...

7.5CVSS5.9AI score0.00791EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 10:39 a.m.8 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js module path-to-regexp

Summary IBM App Connect Enterprise runtime and IBM App Connect Enterprise Discovery Connectors are vulnerable to multiple vulnerabilities due to Node.js module path-to-regexp. Vulnerability Details CVEID:CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression is generated any time you have...

7.5CVSS5.5AI score0.00791EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/10 2:8 p.m.5 views

Security Bulletin: IBM Maximo Scheduler Optimizer uses path-to-regexp-0.1.12.tgz which is vulnerable to CVE-2026-4867

Summary IBM Maximo Scheduler Optimizer uses path-to-regexp-0.1.12.tgz which is vulnerable to CVE-2026-4867 This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression is generated any time...

7.5CVSS5.5AI score0.00496EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/09 11:19 a.m.9 views

path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions

A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of...

7.5CVSS6.1AI score0.00791EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/09 11:19 a.m.16 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.9CVSS7.1AI score0.02907EPSS
Exploits10References19
RedHat Linux
RedHat Linux
added 2026/06/09 11:18 a.m.7 views

path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions

A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of...

7.5CVSS6.1AI score0.00791EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 9:27 a.m.10 views

Malicious code in regexp-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9828b4712ac404ec6f143f9c3115eb73ccd4418bab9cb17327ae325d488954e1 regexp-ts masquerades as the pino logger description, keywords, and module.exports.pino export but is actually a remote-code-execution loader. When a...

5.6AI score
Exploits0References2
Snyk
Snyk
added 2026/06/08 9:27 a.m.10 views

Malicious Package

Overview regexp-ts is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.5AI score
Exploits0References2
Rows per page
Query Builder