{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/regex/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["denial-of-service","regex","cve"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-4926 exposes a denial-of-service vulnerability stemming from inefficient regular expression complexity. This flaw arises when a regular expression contains multiple sequential optional groups, denoted by curly brace syntax (e.g., \u003ccode\u003e{a}{b}{c}:z\u003c/code\u003e). The vulnerability lies in the exponential growth of the generated regular expression, leading to excessive resource consumption and ultimately causing a denial-of-service condition. This issue was introduced prior to version 8.4.0 and poses a…\u003c/p\u003e\n","date_modified":"2026-03-27T12:00:00Z","date_published":"2026-03-27T12:00:00Z","id":"/briefs/2026-03-regex-dos/","summary":"CVE-2026-4926 describes a denial-of-service vulnerability due to an inefficient regular expression complexity issue when handling multiple sequential optional groups, leading to exponential growth and resource exhaustion.","title":"CVE-2026-4926: Regular Expression Denial of Service","url":"https://feed.craftedsignal.io/briefs/2026-03-regex-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Regex","version":"https://jsonfeed.org/version/1.1"}