CVE-2026-29856

High CVSS: 7.5

An issue in the VirtualHost configuration handling/parser component of aaPanel v7.57.0 allows attackers to cause a Regular Expression Denial of Service (ReDoS) via a crafted input.

Vendor

Aapanel

Product

Aapanel

CWE

CWE-400

Yayın Tarihi

2026-03-18 18:16:27

Güncelleme

2026-03-19 19:23:57

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-400 Aapanel HIGH Aapanel 2026

Referanslar

https://github.com/aapanel/aapanel https://github.com/mbiesiad/vulnerability-research/tree/main/CVE-2026-29856

Benzer Kayıtlar

High

CVE-2026-29858

A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion (LFI), leadingot sensiti…

Critical

CVE-2026-29859

An arbitrary file upload vulnerability in aaPanel v7.57.0 allows attackers to execute arbitrary code via uploading a cra…

Medium

CVE-2024-42922

AAPanel v7.0.7 was discovered to contain an OS command injection vulnerability.