CVEs classified under CWE-1333, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2026-35458 — CVSS 9.8 (critical): Gotenberg is an API for converting document formats. In 8.29.1 and earlier, Gotenberg uses dlclark/regexp2 to compile user-supplied scope…
CVE-2023-29486 — CVSS 9.8 (critical): An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access…
CVE-2026-25547: @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is…
CVE-2023-29487 — CVSS 9.1 (critical): An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause…
CVE-2026-47138: Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.77 and…
CVE-2025-6998: ReDoS in strip_whitespaces() function in cps/string_helper.py in Calibre Web and Autocaliweb allows unauthenticated remote attackers to…
CVE-2020-26310: Validate.js provides a declarative way of validating javascript objects. All versions as of 30 November 2020 contain one or more regular…
CVE-2020-26309: Validate.js provides a declarative way of validating javascript objects. Versions 0.11.3 and prior contain one or more regular expressions…
CVE-2020-26307: HTML2Markdown is a Javascript implementation for converting HTML to Markdown text. All available versions contain one or more regular…
CVE-2020-26306: Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and…
CVE-2023-23925 — CVSS 8.6 (high): Switcher Client is a JavaScript SDK to work with Switcher API which is cloud-based Feature Flag. Unsanitized input flows into Strategy…
CVE-2023-23621 — CVSS 8.6 (high): Discourse is an open-source discussion platform. Prior to version 3.0.1 on the `stable` branch and version 3.1.0.beta2 on the `beta` and…
CVE-2025-62484 — CVSS 8.1 (high): Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to…
CVE-2024-52798: path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be…
CVE-2026-55574 — CVSS 7.5 (high): vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, the structured_outputs.regex API…
CVE-2026-52794 — CVSS 7.5 (high): Sentry is an error tracking and performance monitoring tool. From 24.4.0 until 26.5.2, a Regular Expression Denial of Service (ReDoS)…
CVE-2026-45617 — CVSS 7.5 (high): LiquidJS is a Shopify/GitHub Pages compatible template engine written in pure JavaScript. In versions 10.25.7 and below, the built-in…
CVE-2026-42567 — CVSS 7.5 (high): Svelte is a performance oriented web framework. From version 5.51.5 to before version 5.55.7, an internal regex in the Svelte runtime can…
CVE-2026-9496 — CVSS 7.5 (high): Versions of the package pacote from 11.2.7 and before 21.5.1 are vulnerable to Denial of Service (DoS) via the addGitSha function. An…
CVE-2026-33079 — CVSS 7.5 (high): In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS (Regular Expression Denial of Service) vulnerability in `LINK_TITLE_RE` that…
CVE-2026-41040 — CVSS 7.5 (high): GROWI provided by GROWI, Inc. is vulnerable to a regular expression denial of service (ReDoS) via a crafted input string.
CVE-2026-35611 — CVSS 7.5 (high): Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0…
CVE-2026-35213 — CVSS 7.5 (high): @hapi/content provided HTTP Content-* headers parsing. All versions of @hapi/content through 6.0.0 are vulnerable to Regular Expression…
CVE-2026-33671 — CVSS 7.5 (high): Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of…
CVE-2026-4867 — CVSS 7.5 (high): Impact: A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something…
CVE-2026-28356 — CVSS 7.5 (high): multipart is a fast multipart/form-data parser for python. Prior to 1.2.2, 1.3.1 and 1.4.0-dev, the parse_options_header() function in…
CVE-2026-30837 — CVSS 7.5 (high): Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation and client-server communication. Prior to…
CVE-2026-30925 — CVSS 7.5 (high): Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.0-alpha.14 and 8.6.11…
CVE-2025-70030 — CVSS 7.5 (high): An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.
CVE-2025-70034 — CVSS 7.5 (high): An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0.
CVE-2025-10990 — CVSS 7.5 (high): A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric…
CVE-2026-27904 — CVSS 7.5 (high): minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7…
CVE-2026-1388 — CVSS 7.5 (high): GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1…
CVE-2026-26996 — CVSS 7.5 (high): minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are…
CVE-2026-23897 — CVSS 7.5 (high): Apollo Server is an open-source, spec-compliant GraphQL server that's compatible with any GraphQL client, including Apollo Client. In…
CVE-2026-23956 — CVSS 7.5 (high): seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 0.2.0 through…
CVE-2024-58340 — CVSS 7.5 (high): LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service (ReDoS) vulnerability in the…
CVE-2026-21868 — CVSS 7.5 (high): Flag Forge is a Capture The Flag (CTF) platform. Versions 2.3.2 and below have a Regular Expression Denial of Service (ReDoS) vulnerability…
CVE-2026-0621 — CVSS 7.5 (high): Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression denial of service (ReDoS) vulnerability in…
CVE-2025-68475 — CVSS 7.5 (high): Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.6.13, 1.7.14, 1.8.15, and…
CVE-2025-66020 — CVSS 7.5 (high): Valibot helps validate data using a schema. In versions from 0.31.0 to 1.1.0, the EMOJI_REGEX used in the emoji action is vulnerable to a…
CVE-2025-61581 — CVSS 7.5 (high): ** UNSUPPORTED WHEN ASSIGNED ** Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects…
CVE-2025-61921 — CVSS 7.5 (high): Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service…
CVE-2025-6638 — CVSS 7.5 (high): A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically…
CVE-2025-33090 — CVSS 7.5 (high): IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to cause a denial of service using a specially crafted regular…
CVE-2025-54365 — CVSS 7.5 (high): fastapi-guard is a security library for FastAPI that provides middleware to control IPs, log requests, detect penetration attempts and…
CVE-2025-53539 — CVSS 7.5 (high): FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts…
CVE-2025-3262 — CVSS 7.5 (high): A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the huggingface/transformers repository, specifically in…
CVE-2018-25110 — CVSS 7.5 (high): Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in…