QSearchQSearch

CVE-2026-11478

3.3 LOW

A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb

Published: 2026-06-08 · Last updated: 2026-06-08

Severity and scoring

CVSS
3.3 LOW
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CWE
CWE-1333, CWE-400

Description

A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern Handler. This manipulation causes inefficient regular expression complexity. The attack is restricted to local execution. The exploit has been published and may be used. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The project was informed of the problem early through an issue report but has not responded yet.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-41721 Spring Data Commons contains a vulnerability that can lead to a Denial of Service (DoS) condition if Spring Data Web Support is enabled i... (5.9 MEDIUM)
  • CVE-2026-41711 Applications using Spring Data Commons may be vulnerable to a Denial of Service (DoS) attack leading to a StackOverflowException when par... (5.9 MEDIUM)
  • CVE-2026-41695 Spring Data Commons applications may be vulnerable to denial of service through resource exhaustion when attacker-controlled property pat... (7.5 HIGH)
  • CVE-2026-40988 An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a ... (7.5 HIGH)
  • CVE-2026-46374 SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code (7.5 HIGH)