CVE-2026-11478
LowCVSS 3.3Summary
A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb, affecting the function matchstar of the file re.c of the Pattern Handler component. This vulnerability leads to inefficient regular expression complexity.
Risk Assessment
The risk associated with this vulnerability is the potential exploitation of inefficiencies in regular expression processing, which may lead to reduced application performance in the event of a local attack.
Recommendation
It is recommended to monitor project updates and implement mitigations to restrict local access to the application using the vulnerable component.
Original NVD description (English source)
A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern Handler. This manipulation causes inefficient regular expression complexity. The attack is restricted to local execution. The exploit has been published and may be used. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The project was informed of the problem early through an issue report but has not responded yet.

