Sign In

CVE-2026-4539

ADVISORY - github

Summary

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

EPSS Score: 0.00014 (0.027)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-1333

Inefficient Regular Expression Complexity

CWE-400

Uncontrolled Resource Consumption

ADVISORY - github

CWE-400

Uncontrolled Resource Consumption

ADVISORY - redhat

CWE-1333

Inefficient Regular Expression Complexity

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in