CVE-2026-10291 | Enderfga claw-orchestrator up to 3.7.0 Session Grep Endpoint embedded-server.ts validateRegex body.pattern redos (Issue 64)

A vulnerability classified as problematic has been found in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the component Session Grep Endpoint. The manipulation of the argument body.pattern leads to inefficient regular expression complexity.

This vulnerability is listed as CVE-2026-10291. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.

CVE-2026-10291 | Enderfga claw-orchestrator up to 3.7.0 Session Grep Endpoint embedded-server.ts validateRegex body.pattern redos (Issue 64)

Post correlati

CVE-2025-50927 | Easy Hosting Control Panel EHCP 20.04.1.b ftpusername cross site scripting

CVE-2024-57698 | modernwms 1.0 Administrator Password /user/list?culture=en-us access control

CVE-2024-1991 | metagauss RegistrationMagic Plugin up to 5.3.0.0 on WordPress update_users_role authorization

CVE-2026-25315 | hCaptcha for WP Plugin up to 4.22.0 on WordPress authorization