USN-8343-1 multipart vulnerability

It was discovered that multipart had an ambiguous regular expression alternation when handling certain HTTP header values. A remote attacker could possibly use this issue to cause multipart to use excessive resources, leading to a denial of service...

SUSE CVE-2026-9496

Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service DoS via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function's regex replacement and string-manipulation logic, causing...

PT-2026-43458

Summary The strip html filter in liquidjs is intended to remove HTML tags from a string before rendering, and is widely used as an XSS sanitizer. The implementation uses a regex whose catch-all branch does not match line terminators, so any HTML tag containing a or r character passes through...

HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint

All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The FHIRPath functions matches, matchesFull, and replaceMatches pass user-controlled regular expressions directly to Java's Pattern.compile and String.replaceAll without...

GHSA-9RMH-MM8F-R9H6 Svelte: ReDoS in `<svelte:element>` Tag Validation

An internal regex in the Svelte runtime can take exponential time to test in . You are only vulnerable to this if you allow tags of unconstrained length. If your application only allows a predetermined list of tags or trims their length before passing them to svelte:element, you are safe...

CVE-2026-2300 BJ Lazy Load <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom HTML Block

The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filterimages function in all versions up to, and including, 1.0.9. This is due to the use of regex-based HTML processing pregreplace that does not properly handle HTML attribute boundaries when replacing sr...

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-actionpack (UTSA-2026-017610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017610 advisory. The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action...

CVE-2025-65122

Regex Denial of Service in youtube-regex npm package through version 1.0.5...

CVE-2025-65122

CVE-2025-65122 affects the youtube-regex npm package up to version 1.0.5. The NVD entry documents a Regex Denial of Service vulnerability with CVSS v3.1 base score 7.5 (attack: NETWORK, impact: HIGH on availability; confidentiality and integrity not affected; no user interaction; no privileges re...

CVE-2025-65122

Regex Denial of Service in youtube-regex npm package through version 1.0.5...

Unity Linux 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-016521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016521 advisory. An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data...

Astra Linux - уязвимость в libonig

A NULL pointer dereference in the matchat function in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause a denial of service by providing a crafted regular expression. Oniguruma vulnerabilities often affect Ruby, as well as common optional libraries used in PHP and Rust...

Astra Linux - уязвимость в mako

Sqlalchemy mako before version 1.2.2 is vulnerable to Regular Expression Denial of Service when using the Lexer class for parsing. This vulnerability also affects babelplugin and linguaplugin...

Astra Linux - уязвимость в thunderbird, firefox

Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log did not account for external URLs. As a result, data could potentially be exfiltrated from the browser. This vulnerability affects Firefox 109, Firefox ESR 102.7, and Thunderbird...

Astra Linux - уязвимость в sqlparse

sqlparse is a non-validation SQL parser module for Python. In affected versions, the SQL parser contains a regular expression that is vulnerable to ReDoS Regular Expression Denial of Service. This issue was introduced by the commit e75e358. The vulnerability may lead to Denial of Service DoS. Thi...

Astra Linux - уязвимость в libonig

A use-after-free in the onignewdeluxe function in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regular expression pattern and a...

PT-2026-34209

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description An incorrect regular expression allows an attacker to bypass OAuth redirect URI validation. An attacker aware of a first-party OAuth application's registered callback URL can create a...

PT-2026-34233

Summary The defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize values injected into inline tags via the define:vars directive. HTML parsers close elements case-insensitively and also accept whitespace or / before the closing , allowing ...

Incorrect Regular Expression

Overview fast-jwt is a Fast JSON Web Token implementation Affected versions of this package are vulnerable to Incorrect Regular Expression in the allowedAud, allowedIss, allowedSub, allowedJti, or allowedNonce options when used with RegExp objects and RegExp is configured with modifiers such as /...

CVE-2026-35611

Addressable (Ruby URI template implementation) versions 2.3.0–before 2.9.0 are affected by two classes of URI template generation that create regular expressions susceptible to catastrophic backtracking. Templates using the explode modifier with any expansion operator (e.g., {foo*}, {+var*}, {#va...