9085 matches found
Regular Expression Denial of Service (ReDoS) Detector
This Metasploit auxiliary module implements a scientific approach to detecting and validating ReDoS vulnerabilities in HTTP-based applications. It leverages context-aware payload generation, length progression testing, and statistical analysis to identify inefficient regular expressions that may...
dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling
A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting mXSS via an incorrect template literal regular expression...
CVE-2026-25227
authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server contain...
CVE-2026-26190
Milvus prior to versions 2.5.27 and 2.6.10 exposes TCP 9091 by default, enabling authentication bypasses. The /expr debug endpoint uses a weak default token (etcd.rootPath, default: by-dev) allowing arbitrary expression evaluation. The REST API (/api/v1/*) is registered on the metrics/management ...
CVE-2026-26190 Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise
Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath...
CVE-2026-26190 Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise
Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath...
SUSE CVE-2026-2327
Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...
CVE-2026-0967
A flaw was found in libssh. A remote attacker, by controlling client configuration files or knownhosts files, could craft specific hostnames that when processed by the matchpattern function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion,...
CVE-2026-25227
authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server contain...
CVE-2026-25227
authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server contain...
CVE-2026-25227 authentik affected by Remote Code Execution via Context Key Injection in PropertyMapping Test Endpoint
authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server contain...
CVE-2026-25227 authentik affected by Remote Code Execution via Context Key Injection in PropertyMapping Test Endpoint
authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server contain...
CVE-2025-69873
A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS Regular Expression Denial of...
markdown-it is has a Regular Expression Denial of Service (ReDoS)
Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...
CVE-2026-2327
Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...
CVE-2026-2327
Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...
UBUNTU-CVE-2026-2327
Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...
CVE-2026-2327
Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...
CVE-2026-2327
The CVE affects the JavaScript library markdown-it in versions 13.0.0 and earlier than 14.1.1. The vulnerability arises in the linkify function due to a faulty regex /il+$/ that enables a ReDoS under crafted input (long sequences of * followed by a non-matching character). This backtracking can ...
CVE-2026-2327
Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...