A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function
parseMessage
of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient regular expression complexity.
The identification of this vulnerability is CVE-2025-5892. The attack may be initiated remotely. Furthermore, there is an exploit available.