All 5 CVE vulnerabilities found in path-to-regexp, with AI-generated Chinese analysis, references, and POCs.
Vendor: pillarjs
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4923 | path-to-regexp vulnerable to Regular Expression Denial of Service via multiple wildcards CWE-1333 | 5.9 | Medium | 2026-03-26 |
| CVE-2026-4926 | path-to-regexp vulnerable to Denial of Service via sequential optional groups CWE-400 | 7.5 | High | 2026-03-26 |
| CVE-2026-4867 | path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters CWE-1333 | 7.5 | High | 2026-03-26 |
| CVE-2024-52798 | path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x CWE-1333 | 5.3 | - | 2024-12-05 |
| CVE-2024-45296 | path-to-regexp outputs backtracking regular expressions CWE-1333 | 7.5 | High | 2024-09-09 |
All 5 known CVE vulnerabilities affecting path-to-regexp with full Chinese analysis, references, and POCs where available.