CVE Catalog

CVE-2026-58421

Low risk · EPSS 6%
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk: 0.16%

6th percentile — higher than 6% of all known CVEs

Summary

A ReDoS (Regular Expression Denial of Service) vulnerability in the CODEOWNERS pattern matching mechanism allows an unauthenticated attacker to cause a denial of service.

Risk Assessment

An attacker can send a specially crafted request causing excessive CPU usage, leading to service unavailability for legitimate users.

Recommendation

Immediately update the software to a version containing a fix that eliminates the ReDoS vulnerability in the CODEOWNERS mechanism.

Original NVD description (English source)

Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service

Vulnerability data from NVD (NIST) · CISA KEV · EPSS