7 matches found
CVE-2025-5891
A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to th...
985-manager (>=1.1.9 <=1.8.9), @2bit/pm2m (=0.0.1) +1104 more potentially affected by CVE-2025-5891 via pm2 (>=0.5.7 <=6.0.8)
pm2 NPM version =0.5.7, =1.1.9, =0.1.0, =0.0.1, =1.16.13, =1.16.6, =1.4.1, =1.6.23, =1.16.6, =0.2.2, =0.2.2, =1.16.6, =1.16.6, =1.16.28-next-5a717317 and more Source cves: CVE-2025-5891 Source advisory: OSV:GHSA-X5GF-QVW8-R2RM...
CVE-2025-5891
creationtimestamp| type| source ---|---|--- 2025-06-09 19:48:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17741 2025-06-09 23:43:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lr7kmh7os32p...
CVE-2025-5891
A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2025-5891 Unitech pm2 Config.js redos
A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2025-5891
CVE-2025-5891 affects Unitech pm2 (versions up to 6.0.6; also noted in advisories for 6.0.8) due to incorrect handling in /lib/tools/Config.js that enables an inefficient regular expression pattern, resulting in a Regular Expression Denial of Service (ReDoS). The vulnerability is remotely exploit...
CVE-2025-5891 Unitech pm2 Config.js redos
A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to th...