CVE-2026-45792

Vulnerability summary (CVE-2026-45792) RTK (Rust Token Killer) prior to 0.32.0 trusts project-local configuration by auto-loading the highest-priority .rtk/filters.toml without user notification. An attacker with repository access can place a malicious filter to modify shell command output before...

CVE-2026-54300

@astrojs/netlify is an adapter that allows Astro to deploy your hybrid or server rendered site to Netlify. Prior to 7.0.13, @astrojs/netlify converts Astro image.remotePatterns into Netlify Image CDN images.remoteimages regular expressions with broader semantics than Astro's canonical matcher. A...

CVE-2026-54300 @astrojs/netlify broadens Astro image.remotePatterns in Netlify Image CDN config

@astrojs/netlify is an adapter that allows Astro to deploy your hybrid or server rendered site to Netlify. Prior to 7.0.13, @astrojs/netlify converts Astro image.remotePatterns into Netlify Image CDN images.remoteimages regular expressions with broader semantics than Astro's canonical matcher. A...

EUVD-2024-36468

OpenCTI May Bypass Introspection Restriction...

modoboa 2.0.4 - Admin TakeOver

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4. id: CVE-2023-0777 info: name: modoboa 2.0.4 - Admin TakeOver author: r3Y3r53 severity: critical description: | Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to...

Loytec LGATE-902 <6.4.2 - Local File Inclusion

Loytec LGATE-902 versions prior to 6.4.2 suffers from a local file inclusion vulnerability. id: CVE-2018-14916 info: name: Loytec LGATE-902 6.4.2 - Local File Inclusion author: 0xAkoko severity: critical description: Loytec LGATE-902 versions prior to 6.4.2 suffers from a local file inclusion...

Budibase - Authentication Bypass

Budibase = 3.31.4 contains an authentication bypass caused by unanchored regex in authorized middleware matching webhook path patterns in query strings, letting unauthenticated remote attackers access any server-side API endpoint, exploit requires crafted request with webhook pattern in URL. id:...

Webmin < 1.920 - Authenticated Remote Code Execution

rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialisevariable makes an eval call. NOTE: the WebminServersIndex documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must...

CVE-2025-71379

vLLM versions = 0.6.3 and 0.9.0 contain multiple regular expression denial of service ReDoS vulnerabilities. Several regex patterns — in vllm/lora/utils.py, the phi4mini tool parser, and the OpenAI-compatible serving chat endpoint — are susceptible to catastrophic backtracking. An attacker...

CVE-2026-56021

Webmin allows unauthenticated attackers to read the contents of any file ending in .conf within module directories, due to a bypassable regex pattern...

EUVD-2026-37908

Webmin allows unauthenticated attackers to read the contents of any file ending in .conf within module directories, due to a bypassable regex pattern...

CVE-2026-56021

CVE-2026-56021 affects Webmin. An unauthenticated attacker can read contents of any .conf file in module directories because of a bypassable regex pattern, causing information disclosure (confidentiality impact: low). The CVSS metrics place it at Medium: CVSS v3.1 base score 5.3 (NETWORK, LOW com...

DEBIAN-CVE-2026-44587

CarrierWave is a framework to upload files from Ruby applications. In versions prior to 2.2.7 and 3.1.3, the contenttypedenylist check fails to escape regex metacharacters in string entries, causing the denylist to silently not match the content types it is intended to block. In...

CVE-2026-44587 CarrierWave has a denylisted_content_type bypass via Unescaped Regex Metacharacters

CarrierWave is a framework to upload files from Ruby applications. In versions prior to 2.2.7 and 3.1.3, the contenttypedenylist check fails to escape regex metacharacters in string entries, causing the denylist to silently not match the content types it is intended to block. In...

CVE-2026-44587

CarrierWave (Ruby) before versions 2.2.7 and 3.1.3 contains a denylisted_content_type bypass: denylist entries are interpolated into a regex without Regexp.quote or a start anchor, so entries like image/svg+xml render the pattern that fails to match the real MIME type (e.g., /image/svg+x/). This ...

Natural Language Toolkit (NLTK): URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File Read

Summary nltk.data.load in NLTK is vulnerable to path traversal via URL-encoded path separators and traversal segments when using the nltk: URL scheme. The unsafe-path regex check is performed before url2pathname decodes the %xx sequences a classic decode-after-check / TOCTOU-style flaw, allowing ...

PT-2026-49741

Name of the Vulnerable Software and Affected Versions @astrojs/netlify versions prior to 7.0.13 Description The adapter converts image.remotePatterns into Netlify Image CDN images.remote images regular expressions using semantics broader than the canonical matcher. This occurs because a single...

GHSA-9H5V-PFQQ-X599 UAParser.js: Unbounded `Sec-CH-UA-Model` parsing can trigger ReDoS in `withClientHints()`

Summary A regular expression denial-of-service ReDoS vulnerability has been discovered in ua-parser-js when using the Client Hints API. By sending a crafted Sec-CH-UA-Model header to an application that calls UAParserheaders.withClientHints, an attacker can cause the parser to spend excessive CPU...

Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex

...

CVE-2026-42567

A flaw was found in Svelte, a web framework. An internal regular expression regex in the Svelte runtime, specifically when processing , can be exploited by a remote attacker. By providing specially crafted input, an attacker can cause the regex to take an exponential amount of time to process,...