665 matches found
UBUNTU-CVE-2026-39951
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...
DEBIAN-CVE-2026-39951
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...
CVE-2026-39951
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...
CVE-2026-39951
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...
CVE-2026-39951 Cacti: Stored SQL Injection via graph_name_regexp in Reports feature
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...
CVE-2026-39955 Cacti has Pre-Authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have pre-authentication SQL Injection via unanchored FILTERVALIDATEREGEXP in graphview.php. This issue has been fixed in version 1.2.31...
ROOT-APP-NPM-CVE-2024-52798 CVE-2024-52798 in @rootio/path-to-regexp - Patched by Root
Root has patched CVE-2024-52798 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-4867 CVE-2026-4867 in @rootio/path-to-regexp - Patched by Root
Root has patched CVE-2026-4867 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2024-45296 CVE-2024-45296 in @rootio/path-to-regexp - Patched by Root
Root has patched CVE-2024-45296 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-4923 CVE-2026-4923 in @rootio/path-to-regexp - Patched by Root
Root has patched CVE-2026-4923 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-4926 CVE-2026-4926 in @rootio/path-to-regexp - Patched by Root
Root has patched CVE-2026-4926 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...
Security Bulletin: IBM Maximo Scheduler Optimizer uses path-to-regexp-0.1.12.tgz which is vulnerable to CVE-2026-4867
Summary IBM Maximo Scheduler Optimizer uses path-to-regexp-0.1.12.tgz which is vulnerable to CVE-2026-4867 This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression is generated any time...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of...
path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of...
MAL-2026-5310 Malicious code in regexp-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9828b4712ac404ec6f143f9c3115eb73ccd4418bab9cb17327ae325d488954e1 regexp-ts masquerades as the pino logger description, keywords, and module.exports.pino export but is actually a remote-code-execution loader. When a...
Malicious code in regexp-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9828b4712ac404ec6f143f9c3115eb73ccd4418bab9cb17327ae325d488954e1 regexp-ts masquerades as the pino logger description, keywords, and module.exports.pino export but is actually a remote-code-execution loader. When a...
Malicious Package
Overview regexp-ts is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
CVE-2026-35041
fast-jwt provides fast JSON Web Token JWT implementation. From 5.0.0 to 6.2.0, a denial-of-service condition exists in fast-jwt when the allowedAud verification option is configured using a regular expression. Because the aud claim is attacker-controlled and the library evaluates it against the...
CVE-2026-8888
Version 3.0.7 of the Securly Chrome Extension downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressions via new RegExp without complexity validation. An on-path attacker can inject specific patterns to cause catastrophic backtracking, resulting in...