
2265 matches found

Github Security Blog
added 2026/02/18 10:38 p.m. | 148 views

minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern

Summary: minimatch is vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive wildcards followed by a literal character that doesn't appear in the test string. Each compiles to a separate ^/? regex group, and when the match fails, V8's regex engine...

8.7 CVSS | 5.3 AI score | 0.00026 EPSS
Exploits 1 | References 4 | Affected Software 1

OSV
added 2026/02/18 10:38 p.m. | 0 views

GHSA-3PPC-4F35-3M26 minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern

Summary: minimatch is vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive wildcards followed by a literal character that doesn't appear in the test string. Each compiles to a separate ^/? regex group, and when the match fails, V8's regex engine...

8.7 CVSS | 5.9 AI score | 0.00026 EPSS
Exploits 1 | References 4

Snyk
added 2026/02/18 5:41 p.m. | 1 views

Unverified Ownership

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Unverified Ownership via the process cleanup routine. An attacker can cause termination of unrelated system processes by exploiting pattern-based process enumeration without ownership...

5.6 CVSS | 5.6 AI score | 0.00019 EPSS
Exploits 0 | References 2

Positive Technologies
added 2026/02/18 12:0 a.m. | 4 views

PT-2026-21337

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.14. Description: OpenClaw is a personal AI assistant. The CLI process cleanup mechanism used system-wide process enumeration and pattern matching to terminate processes without verifying ownership by the current...

5.3 CVSS | 6 AI score | 0.00019 EPSS
Exploits 0 | References 18

GithubExploit
added 2026/02/17 3:6 p.m. | 122 views

securiclaw

🦞 Securiclaw AI-Powered Code Security Scanner Securiclaw...

6.5 AI score
Exploits 0

RedhatCVE
added 2026/02/16 2:24 p.m. | 2 views

CVE-2026-23142

A resource leak flaw was found in the Linux kernel's DAMON (Data Access MONitor) sysfs interface. When setting up a DAMOS-scheme directory fails after the access_pattern/ subdirectory has been created, the subdirectories are not properly cleaned up. This leaves the DAMON sysfs interface in a broken...

5.5 CVSS | 5.2 AI score | 0.00018 EPSS
Exploits 0 | References 4

Tenable Nessus
added 2026/02/16 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of...

5.5 CVSS | 6.1 AI score | 0.00018 EPSS
Exploits 0 | References 3

NVD
added 2026/02/14 4:15 p.m. | 3 views

CVE-2026-23142

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern/ directory are not...

5.5 CVSS | 0.00018 EPSS
Exploits 0 | References 5

UbuntuCve
added 2026/02/14 4:15 p.m. | 2 views

CVE-2026-23142

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern/ directory are not...

5.5 CVSS | 5.7 AI score | 0.00018 EPSS
Exploits 0 | References 13

OSV
added 2026/02/14 4:15 p.m. | 2 views

UBUNTU-CVE-2026-23142

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern/ directory are not...

5.5 CVSS | 5.7 AI score | 0.00018 EPSS
Exploits 0 | References 14

EUVD
added 2026/02/14 3:36 p.m. | 2 views

EUVD-2026-5896

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern/ directory are not...

5.2 AI score | 0.00018 EPSS
Exploits 0 | References 5

ATTACKERKB
added 2026/02/14 3:36 p.m. | 2 views

CVE-2026-23142

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern/ directory are not...

5.2 AI score | 0.00018 EPSS
Exploits 0 | References 6 | Affected Software 1

Cvelist
added 2026/02/14 3:36 p.m. | 20 views

CVE-2026-23142 mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern/ directory are not...

0.00018 EPSS
Exploits 0 | References 5

OSV
added 2026/02/14 3:36 p.m. | 2 views

CVE-2026-23142 mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern/ directory are not...

5.5 CVSS | 5.2 AI score | 0.00018 EPSS
Exploits 0 | References 8

Debian CVE
added 2026/02/14 3:36 p.m. | 3 views

CVE-2026-23142

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern/ directory are not...

5.5 CVSS | 5.1 AI score | 0.00018 EPSS
Exploits 0

Positive Technologies
added 2026/02/14 12:0 a.m. | 2 views

PT-2026-8202

In the Linux kernel, the following vulnerability has been resolved: rust binder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", bu...

5.5 AI score | 0.00019 EPSS
Exploits 0 | References 3

CVE
added 2026/02/12 10:48 p.m. | 6 views

CVE-2019-25329

CVE-2019-25329 affects FTP Navigator 8.03 and is a denial-of-service vulnerability caused by overwriting the Structured Exception Handler (SEH) with malicious input. An attacker can trigger a crash by supplying a payload consisting of 4108 'A' characters followed by 4 'B' characters and 40 'C' ch...

7.5 CVSS | 5.6 AI score | 0.00045 EPSS
Exploits 1 | References 3 | Affected Software 1

RedhatCVE
added 2026/02/12 4:49 p.m. | 3 views

CVE-2025-69873

A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS Regular Expression Denial of...

7.5 CVSS | 5.5 AI score | 0.00015 EPSS
Exploits 1 | References 4

OSV
added 2026/02/11 9:16 p.m. | 0 views

CVE-2020-37104

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database...

7.5 CVSS | 5.8 AI score | 0.00063 EPSS
Exploits 1 | References 4

Snyk
added 2026/02/11 12:0 a.m. | 1 views

Regular Expression Denial of Service (ReDoS)

Overview: ajv is an Another JSON Schema Validator. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper validation of the pattern keyword when combined with $data references. An attacker can cause the application to become unresponsive and...

8.2 CVSS | 5.6 AI score | 0.00015 EPSS
Exploits 1 | References 2