CVE-2025-5892 | RocketChat up to 7.6.1 parseMessage.js parseMessage line redos (ID 35711)

Inserito da Angelo Barbosa | Giu 9, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient regular expression complexity.

The identification of this vulnerability is CVE-2025-5892. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-5892 | RocketChat up to 7.6.1 parseMessage.js parseMessage line redos (ID 35711)

Post correlati

CVE-2023-39340 | Ivanti Connect Secure up to 22.6R1 denial of service

CVE-2021-22282 | B&R Industrial Automation Studio 4.0 code injection

CVE-2024-10114 | Social Login Plugin up to 2.7.7 on WordPress improper authentication

CVE-2024-0552 | Intumit SmartRobot up to 6.0.0-202012tw Web Framework injection