CVE-2026-4539 | pygments up to 2.19.2 archetype.py AdlLexer redos (Issue 3058)

Inserito da Angelo Barbosa | Mar 21, 2026 | CVE

A vulnerability, which was classified as problematic, was found in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity.

This vulnerability is identified as CVE-2026-4539. The attack is only possible with local access. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-4539 | pygments up to 2.19.2 archetype.py AdlLexer redos (Issue 3058)

Post correlati

CVE-2024-9844 | Ivanti Connect Secure up to 22.7R2.3 Secure Application Manager client-side enforcement of server-side security

CVE-2024-50619 | CIPPlanner CIPAce up to 9.16 User Management privilege escalation

CVE-2023-7155 | SourceCodester Free and Open Source Inventory Management System 1.0 edit_product.php id sql injection

CVE-2024-24506 | Lime Survey Community Edition 5.3.32+220817 General Setting Administrator email address cross site scripting (Exploit 51926 / EDB-51926)