CVE-2026-33079
highCVSS v3 Base Score
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.0%
Exploitation probability in 30 days
Top 94% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Confidentiality
None
Integrity
None
Availability
High
Vulnerability Report
Generated by CyberWatcher
Description
A flaw was found in Mistune, a Markdown parser. This vulnerability, known as Regular Expression Denial of Service (ReDoS), exists in the `LINK_TITLE_RE` regular expression. A remote attacker can exploit this by providing specially crafted Markdown input, which causes the regular expression engine to engage in catastrophic backtracking. This leads to significant CPU consumption, making applications that use Mistune unresponsive and resulting in a Denial of Service.
CWE
CWE-1333Affected Products
Migration Toolkit for Applications 8Red Hat OpenShift AI (RHOAI)Red Hat Satellite 6