CVE-2026-6991

A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the component CUID Data Type Handler. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit h...

EUVD-2026-25667

A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the component CUID Data Type Handler. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit h...

CVE-2026-6991 colinhacks Zod CUID Data Type regexes.ts sql injection

A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the component CUID Data Type Handler. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit h...

CVE-2026-6991

The CVE concerns colinhacks Zod up to 4.3.6, specifically the CUID Data Type Handler in packages/zod/src/v4/core/regexes.ts. The vulnerability arises from a manipulated input to an unknown function, enabling SQL injection. It is a remote attack and exploitation is indicated by public disclosures ...

PT-2026-35164

A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the component CUID Data Type Handler. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit h...

Zod 注入漏洞

Zod is a validation library developed by Colin McDonnell, with a focus on TypeScript. Versions of Zod 4.3.6 and earlier contained a injection vulnerability. This vulnerability stemmed from an unknown feature in the Component CUID Data Type Handler, specifically the file...

GHSA-8FGX-WGVR-PCX8 Zod jsVideoUrlParser vulnerable to ReDoS in util.js

A weakness has been identified in Zod jsVideoUrlParser up to 0.5.1. The impacted element is the function getTime in the library lib/util.js. This manipulation of the argument timestamp causes inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit ha...

PT-2026-31820

Name of the Vulnerable Software and Affected Versions Zod jsVideoUrlParser versions up to 0.5.1 Description A weakness exists in Zod jsVideoUrlParser up to version 0.5.1. The issue is related to inefficient regular expression complexity caused by manipulation of the timestamp argument within the...

npm zod security vulnerability

npm zod is a TypeScript-first schema declaration and validation library from npm USA. A security vulnerability exists in Zod version 3.22.2, which stems from a vulnerability that allows an attacker to perform a denial-of-service attack while validating an email...