253 matches found
UBUNTU-CVE-2026-27904
minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested extglobs produce regexps with nested unbounded quantifiers e.g. ?:?:a|b, which exhibit catastrophic...
CVE-2026-27904
CVE-2026-27904 concerns minimatch, a glob-to-RegExp utility. Prior to versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested () extglobs can produce regexps with nested unbounded quantifiers, causing catastrophic backtracking in V8. A 12-byte pattern like ( ( (a|b))) with an...
CVE-2026-27904 minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions
minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested extglobs produce regexps with nested unbounded quantifiers e.g. ?:?:a|b, which exhibit catastrophic...
CVE-2026-27904 minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions
minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested extglobs produce regexps with nested unbounded quantifiers e.g. ?:?:a|b, which exhibit catastrophic...
CVE-2026-27904
minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested extglobs produce regexps with nested unbounded quantifiers e.g. ?:?:a|b, which exhibit catastrophic...
CVE-2026-27904 minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions
minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested extglobs produce regexps with nested unbounded quantifiers e.g. ?:?:a|b, which exhibit catastrophic...
PT-2026-22079
Name of the Vulnerable Software and Affected Versions minimatch versions prior to 10.2.3 minimatch versions prior to 9.0.7 minimatch versions prior to 8.0.6 minimatch versions prior to 7.4.8 minimatch versions prior to 6.2.2 minimatch versions prior to 5.1.8 minimatch versions prior to 4.2.5...
SUSE CVE-2026-23956
seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 0.2.0 through 1.4.0, overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegE...
Regular Expression Denial Of Service (ReDoS)
@modelcontextprotocol/sdk is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability is due to inefficiently constructed regular expressions with nested quantifiers in the UriTemplate class, which allows an attacker to supply a crafted URI that triggers catastrophic backtracki...
CVE-2019-20871
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic backtracking...
PT-2026-28656
Name of the Vulnerable Software and Affected Versions path-to-regexp versions prior to 0.1.13 Description A flawed regular expression is generated when three or more parameters are present within a single segment, separated by characters other than a period .. For example, /:a-:b-:c or...
GHSA-VQPR-J7V3-HQW9 Valibot has a ReDoS vulnerability in `EMOJI_REGEX`
Summary The EMOJIREGEX used in the emoji action is vulnerable to a Regular Expression Denial of Service ReDoS attack. A short, maliciously crafted string e.g., 100 characters can cause the regex engine to consume excessive CPU time minutes, leading to a Denial of Service DoS for the application...
EUVD-2019-0324
Malware in sbrugna...
EUVD-2021-26273
Malware in sbrugna...
EUVD-2018-11713
Malware in sbrugna...
EUVD-2021-26289
Malware in sbrugna...
EUVD-2018-0040
Malware in sbrugna...
EUVD-2021-0456
Malware in sbrugna...
EUVD-2021-20266
Malware in sbrugna...
EUVD-2021-0175
Malware in sbrugna...