CVE-2025-66020 – Valibot has a ReDoS vulnerability in `EMOJI_REGEX`

CVE ID : CVE-2025-66020

Published : Nov. 26, 2025, 2:15 a.m. | 20 minutes ago

Description : Valibot helps validate data using a schema. In versions from 0.31.0 to 1.1.0, the EMOJI_REGEX used in the emoji action is vulnerable to a Regular Expression Denial of Service (ReDoS) attack. A short, maliciously crafted string (e.g.,
Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-66026 – REDAXO is Vulnerable to Reflected XSS in Mediapool Info Banner via args[types]

CVE-2025-66025 – Caido Improperly Handles External Links in Markdown

CVE-2025-66022 – FACTION Unauthenticated Custom Extension Upload leads to RCE

CVE-2025-66269 – Unquoted Service Path in UPSilon2000V6.0(RupsMon and USBMate) running as SYSTEM