7 vulnerabilities classified as CWE-625 (Permissive Regular Expression). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-34830 | Rack: Rack::Sendfile regex injection via HTTP_X_ACCEL_MAPPING header allows arbitrary file reads through nginx — rack | 5.9 | Medium | 2026-04-02 |
| CVE-2026-34763 | Rack: Rack::Directory info disclosure and DoS via unescaped regex interpolation — rack | 5.3 | Medium | 2026-04-02 |
| CVE-2026-32973 | OpenClaw < 2026.3.11 - Exec Allowlist Pattern Overmatch via POSIX Path Normalization — OpenClaw | 9.8 | Critical | 2026-03-29 |
| CVE-2026-23651 | Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability — Microsoft ACI Confidential Containers | 6.7 | Medium | 2026-03-05 |
| CVE-2023-6544 | Keycloak: authorization bypass | 5.4 | Medium | 2024-04-25 |
| CVE-2020-8910 | Auth Bypass in Google's Closure-Library — Closure-Library | 6.5 | Medium | 2020-03-26 |
| CVE-2018-8926 | Synology Photo Station security vulnerability — Photo Station | 8.8 | - | 2018-06-08 |

Seven CVEs are classified as CWE-625 (Permissive Regular Expression). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.