Picomatch has a ReDoS vulnerability via extglob quantifiers

Impact picomatch is vulnerable to Regular Expression Denial of Service ReDoS when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as + and , especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that c...

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS when processing crafted extglob patterns. An attacker can cause excessive CPU consumption and block the event loop by supplying crafted extglob patterns that trigger catastrophic backtracking i...

PT-2026-28173

Name of the Vulnerable Software and Affected Versions Picomatch versions prior to 4.0.4 Picomatch versions prior to 3.0.2 Picomatch versions prior to 2.3.2 Description Picomatch, a JavaScript glob matcher, contains a flaw where specially crafted POSIX bracket expressions, such as :constructor:, c...

Allocation of Resources Without Limits or Throttling

Overview Scriban.Signed is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Affected versions of this package are vulnerable to Allocation of Resources Without...

Allocation of Resources Without Limits or Throttling

Overview Scriban is a Scriban is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Today, not only Scriban can be used in text templating scenarios, but also can ...

Scriban: Built-in operations bypass LoopLimit and delay cancellation, enabling Denial of Service

Summary Scriban's LoopLimit only applies to script loop statements, not to expensive iteration performed inside operators and builtins. An attacker can submit a single expression such as 1..1000000 | array.size and force large amounts of CPU work even when LoopLimit is set to a very small value...

Scriban has a Stack Overflow via Nested Array Initializers That Bypass the ExpressionDepthLimit Fix

Summary StackOverflowException via nested array initializers bypasses ExpressionDepthLimit fix GHSA-wgh7-7m3c-fx25 Details The recent fix for GHSA-wgh7-7m3c-fx25 uncontrolled recursion in parser added ExpressionDepthLimit defaulting to 250. However, deeply nested array initializers ... recurse...

GHSA-P6Q4-FGR8-VX4P Scriban has a Stack Overflow via Nested Array Initializers That Bypass the ExpressionDepthLimit Fix

Summary StackOverflowException via nested array initializers bypasses ExpressionDepthLimit fix GHSA-wgh7-7m3c-fx25 Details The recent fix for GHSA-wgh7-7m3c-fx25 uncontrolled recursion in parser added ExpressionDepthLimit defaulting to 250. However, deeply nested array initializers ... recurse...

CVE-2026-23920

Host and event action script input is validated with a regex set by the administrator, but the validation runs in multiline mode. If ^ and $ anchors are used in user input validation, an injected newline lets authenticated users bypass the check and inject shell commands...

CVE-2026-23920

Host and event action script input is validated with a regex set by the administrator, but the validation runs in multiline mode. If ^ and $ anchors are used in user input validation, an injected newline lets authenticated users bypass the check and inject shell commands...

CVE-2026-23920 Host and event action script regex validation can be bypassed in certain situations, leading to potential command injection

Host and event action script input is validated with a regex set by the administrator, but the validation runs in multiline mode. If ^ and $ anchors are used in user input validation, an injected newline lets authenticated users bypass the check and inject shell commands...

CVE-2026-33418

DiceBear is an avatar library for designers and developers. Prior to version 9.4.2, the ensureSize function in @dicebear/converter used a regex-based approach to rewrite SVG width/height attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafti...

Denial Of Service (DoS)

github.com/expr-lang/expr is vulnerable to denial of service DoS. The vulnerability is due to missing recursion depth limits in certain builtin functions, which allows an attacker to supply deeply nested or cyclic data structures and trigger infinite recursion leading to stack overflow and...

Regular Expression Denial of Service (ReDoS)

Overview activesupport is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in numbertodelimited in the NumberToDelimitedConverter. An attacker can cause...

CVE-2026-33169 Rails Active Support has a possible ReDoS vulnerability in number_to_delimited

Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. NumberToDelimitedConverter uses a lookahead-based regular expression with gsub! to insert thousands delimiters. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, the interaction between th...

GHSA-CG4J-Q9V8-6V38 Rails Active Support has a possible ReDoS vulnerability in number_to_delimited

Impact NumberToDelimitedConverter used a regular expression with gsub! to insert thousands delimiters. This could produce quadratic time complexity on long digit strings. Releases The fixed releases are available at the normal locations. Credit This issue was responsibly reported by Hackerone...

Python -- configparser vulnerable to excessive CPU use

Stan Ulbrych reports: configparser.RawConfigParser.OPTCRE,OPTCRENV regexes are vulnerable to quadratic backtracking...

Rails 安全漏洞

Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. Vulnerabilities exist in versions of Rails prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1. These vulnerabilities stem from a problem with regular expressions that involves...

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the AdlLexer class in the archetype.py file. A user can cause excessive resource consumption. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...

CVE-2026-4539

CVE-2026-4539 affects the Pygments project, specifically the AdlLexer in pygments/lexers/archetype.py up to version 2.19.2. The issue stems from an inefficient regular expression construct in the AdlLexer, enabling a local-access DoS/slowdown scenario. Publicly released exploit material exists, a...