Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539

Summary IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-4539 DESCRIPTION: A security fla...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Resource Consumption in pygments [CVE-2026-4539]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Resource Consumption in pygments, due to a flaw in function AdlLexer of the file pygments/lexers/archetype.py that results in inefficient regular expression complexity CVE-2026-4539. Pygments is used in our speech...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pygments (UTSA-2026-017493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017493 advisory. In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponentia...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pygments (UTSA-2026-017482)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017482 advisory. An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML source file, as...

Security Bulletin: IBM Maximo Application Suite - IoT Component uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite - IoT Component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, cryptography-46.0.6-cp311-abi3-manylinux234x8664.whl, pyasn1-0.6.2-py3-none-any.whl, requests-2.32.5-py3-none-any.whl, bcprov-jdk18on-1.83.jar, pygments-2.19.2-py3-none-any.whl,...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in pygments-2.19.2-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in pygments-2.19.2-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-4539 DESCRIPTION: A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539.

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-4539 DESCRIPTION: A security flaw has been...

Astra Linux - уязвимость в pygments

In pygments 1.1+ and fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of these regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS attacks. By introducing malicious input, an attacker can cause a...

Astra Linux - уязвимость в pygments

An infinite loop in the SMLLexer of Pygments versions 1.5 to 2.7.3 may lead to a denial of service when performing syntax highlighting of a Standard ML SML source file. This issue is observed when the input only contains the “exception” keyword...

SUSE SLED15 / SLES15 Security Update : python-Pygments (SUSE-SU-2026:1667-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1667-1 advisory. - CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS bsc1260796. Tenab...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Pygments (SUSE-SU-2026:1666-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1666-1 advisory. - CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS...

SUSE-SU-2026:1667-1 Security update for python-Pygments

This update for python-Pygments fixes the following issues: - CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS bsc1260796...

Security update for python-Pygments

This update for python-Pygments fixes the following issues: CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS bsc1260796. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...

Security update for python-Pygments

This update for python-Pygments fixes the following issues: CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS bsc1260796. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...

SUSE-SU-2026:1666-1 Security update for python-Pygments

This update for python-Pygments fixes the following issues: - CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS bsc1260796...

Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary Maximo AI Service uses logback-core-1.5.21.jar, spring-web-6.2.14.jar, pygments-2.19.2-py3-none-any.whl, and cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, which are vulnerable to CVE-2026-1225, CVE-2026-22735, CVE-2026-4539, and CVE-2026-34073. This bulletin contains information...

OESA-2026-1873 python-pygments security update

\ Security Fixes: A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit...

Updated python-pygments packages fix security vulnerability

A security flaw in Pygments function AdlLexer in archetype.py stems from a regular expression having an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles. CVE-2026-4539...

MGASA-2026-0090 Updated python-pygments packages fix security vulnerability

A security flaw in Pygments function AdlLexer in archetype.py stems from a regular expression having an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles. CVE-2026-4539...

Mageia: Security Advisory (MGASA-2026-0090)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...