MiracleLinux 7 : pcre-8.32-15.el7.1 (AXSA:2016-391:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-391:01 advisory. Perl-compatible regular expression library. PCRE has its own native API, but a set of wrapper functions that are based on the POSIX API are also...

CVE-2026-22809

tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, a Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. This vulnerability is fixed in 1.29.0...

MiracleLinux 3 : perl-5.8.8-10.3.1AXS3 (AXSA:2008-74:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-74:01 advisory. Perl is a high-level programming language commonly used for system administration utilities and Web programming. A flaw was found in Perl's regular expression...

📄 n8n Workflow Expression Remote Code Execution

This Metasploit module exploits a critical remote code execution vulnerability CVE-2025-68613 in the n8n workflow automation platform. The vulnerability exists in the workflow expression evaluation system where user-supplied expressions enclosed in are evaluated in an execution context that is no...

Double Free

Overview Affected versions of this package are vulnerable to Double Free in the Regexp compilation process. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted regular expression source string. Remediation A fix was pushed into the master branch bu...

GHSA-Q5F6-QXM2-MCQM tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

Summary A potential Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. Details The issue was caused by the use of insufficiently constrained regular expressions applied to attacker-controlled input: if...

tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

Summary A potential Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. Details The issue was caused by the use of insufficiently constrained regular expressions applied to attacker-controlled input: if...

Regular Expression Denial of Service (ReDoS)

Overview tarteaucitronjs is a package that provides compliance to the European cookie law. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the issuuid parameter hangling. An attacker can cause excessive CPU consumption and degrade service...

CVE-2026-22809 tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, a Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. This vulnerability is fixed in 1.29.0...

EUVD-2026-2021

tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, a Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. This vulnerability is fixed in 1.29.0...

CVE-2026-22809 tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, a Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. This vulnerability is fixed in 1.29.0...

CVE-2026-22809

tarteaucitron.js has a ReDoS vulnerability in the handling of the issuu_id parameter, fixed in version 1.29.0. Prior to 1.29.0, insufficiently constrained regex could cause excessive backtracking and CPU consumption. Upgrading to 1.29.0 or applying the mitigation described in public advisories is...

CVE-2026-22809 tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, a Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. This vulnerability is fixed in 1.29.0...

n8n Workflow Expression Remote Code Execution

This module exploits a critical remote code execution vulnerability CVE-2025-68613 in the n8n workflow automation platform. The vulnerability exists in the workflow expression evaluation system where user-supplied expressions enclosed in are evaluated in an execution context that is not...

Fulcio is vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass

Security Disclosure: SSRF via MetaIssuer Regex Bypass Summary Fulcio's metaRegex function uses unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services. Since the SSRF only can trigger GET requests, the request cannot mutate state. T...

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

SUSE CVE-2025-15506

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

MiracleLinux 7 : php-5.4.16-48.0.11.el7.AXS7 (AXSA:2025-10916:10)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10916:10 advisory. CVE-2017-9224: fix out-of-bounds read of a stack in matchat function CVE-2017-9226: fix out-of-bounds write or read of a heap in nextstateval...

tarteaucitron.js 安全漏洞

tarteaucitron.js is a cookie manager for the Amauri CHAMPEAUX Personal Developer. A security vulnerability exists in tarteaucitron.js versions prior to 1.29.0, which stems from a regular expression denial of service when handling the issuuid parameter...