Lucene search
K

8483 matches found

Cvelist
Cvelist
added 2026/03/09 12:0 a.m.28 views

CVE-2025-70034

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...

0.00339EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/09 12:0 a.m.4 views

CVE-2025-70030

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

5.8AI score0.00339EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.5 views

PT-2026-24103

Name of the Vulnerable Software and Affected Versions Sunbird-Ed SunbirdEd-portal version 1.13.4 Description The software contains an issue related to inefficient regular expression complexity. The complexity of the regular expressions may lead to performance issues. Recommendations Update...

5.6AI score0.00339EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.6 views

SSH2 安全漏洞

SSH2 is an SSH client and server module developed by mscdex’s individual developers. Version 1.17.0 of SSH2 contains a security vulnerability, which stems from the inefficiency of regular expressions...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3
CVE
CVE
added 2026/03/09 12:0 a.m.7 views

CVE-2025-70030

CVE-2025-70030 affects Sunbird-Ed SunbirdEd-portal v1.13.4. The issue is CWE-1333: Inefficient Regular Expression Complexity, caused by complex regexes in the portal that can lead to performance degradation (absence of confidentiality/integrity impact, but availability impact is high). The CVSSv3...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/09 12:0 a.m.1 views

CVE-2025-70034

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in mscdex ssh2 v1.17.0...

5.8AI score0.00339EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/07 6:45 p.m.3 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion through the std::regex process in multipart filename parsing. An attacker can cause the server to crash by sending a specially crafted HTTP POST request with a malicious filename parameter, leading to uncontrolled...

8.2CVSS5.9AI score0.00602EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/03/07 4:8 p.m.3 views

CVE-2026-29076

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.0, cpp-httplib uses std::regex libstdc++ to parse RFC 5987 encoded filename values in multipart Content-Disposition headers. The regex engine in libstdc++ implements backtracking via deep...

5.9CVSS5.5AI score0.00602EPSS
Exploits1
EUVD
EUVD
added 2026/03/06 11:25 p.m.4 views

EUVD-2026-10061

parse-server: Malformed $regex query leaks database error details in API response...

6.9CVSS5.8AI score0.00336EPSS
Exploits0References4
NVD
NVD
added 2026/03/06 6:16 p.m.15 views

CVE-2026-3419

Fastify incorrectly accepts malformed Content-Type headers containing trailing characters after the subtype token, in violation of RFC 9110 §8.3.1https://httpwg.org/specs/rfc9110.htmlfield.content-type. For example, a request sent with Content-Type: application/json garbage passes validation and ...

5.3CVSS0.00351EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/06 12:31 a.m.6 views

EUVD-2026-9886

Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...

6.7CVSS5.9AI score0.00593EPSS
Exploits0References2
NVD
NVD
added 2026/03/05 11:16 p.m.17 views

CVE-2026-23651

Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...

6.7CVSS0.00593EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 10:18 p.m.6 views

CVE-2026-23651

Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...

6.7CVSS5.9AI score0.00593EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/05 9:29 p.m.3 views

Incorrect Regular Expression

Overview fastify is an overhead web framework, for Node.js. Affected versions of this package are vulnerable to Incorrect Regular Expression in the Content-Type header validation. An attacker can cause the server to incorrectly process requests with malformed Content-Type headers by sending value...

6.9CVSS5.8AI score0.00351EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.10 views

Microsoft Azure Compute Gallery 安全漏洞

Microsoft Azure Compute Gallery is a service provided by Microsoft in the United States that manages virtual machines. There is a security vulnerability in Azure Compute Gallery, which stems from overly lax regular expressions, potentially allowing authorized attackers to gain local privileges...

6.7CVSS5.8AI score0.00593EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/04 5:42 a.m.10 views

Security Bulletin: IBM Event Streams is vulnerable to a denial of service

Summary IBM Event Streams is vulnerable to a denial of service due to excessive regular expression complexity in brace‑expansion CVE-2025-5889 Vulnerability Details CVEID:CVE-2025-5889 DESCRIPTION: A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has be...

3.1CVSS5.2AI score0.00459EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/03/03 1:29 p.m.3 views

BIT-DISCOURSE-2026-28219 Privilege Escalation via Mass Assignment Allows Regular Users to Set Topics as Global Banners

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an improper authorization check in the topic management logic allows authenticated users to modify privileged attributes of their topics. By manipulating specific parameters in a PUT or POST...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References2
OSV
OSV
added 2026/03/03 8:43 a.m.4 views

BIT-KIBANA-2026-26936 Inefficient Regular Expression Complexity in Kibana Leading to Denial of Service

Inefficient Regular Expression Complexity CWE-1333 in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Expression Exponential Blowup CAPEC-492...

7.5CVSS5.9AI score0.00325EPSS
Exploits0References2
OSV
OSV
added 2026/03/03 8:40 a.m.5 views

BIT-ELK-2026-26936 Inefficient Regular Expression Complexity in Kibana Leading to Denial of Service

Inefficient Regular Expression Complexity CWE-1333 in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Expression Exponential Blowup CAPEC-492...

7.5CVSS5.9AI score0.00325EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/02 10:17 p.m.2 views

Regular Expression Denial of Service (ReDoS)

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the stripBotMention function in extensions/feishu/src/bot.ts when unescaped Feishu mention metadata is used to construct a regular expressio...

8.2CVSS5.9AI score0.00311EPSS
Exploits0References2
Rows per page
Query Builder