WRITEUP

WRITEUP

Exploit for CVE-2025-66020 - Valibot <1.1.0 - DoS

AI Analysis

This patch addresses a ReDoS (Regular Expression Denial of Service) vulnerability in the EMOJI_REGEX pattern by refining the regex to prevent catastrophic backtracking. The fix adds negative lookaheads to avoid overlapping matches that could lead to excessive computation time.

Attack Type

DoS

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1499 - Endpoint Denial of Service

Loading exploit code...

Download ZIP Password: eip

Source

Platform Writeup

Type patch

Files 1

https://github.com/open-circle/valibot/commit/cfb799db301a953a0950d5c05a34a3ab121262dc

Authors

Fabian Hiller

Vulnerability

CVE-2025-66020

Valibot <1.1.0 - DoS

HIGH

CVSS 7.5