This page collects WhisperX intelligence signals tagged #CVE-2026-4867. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A high-severity vulnerability, CVE-2026-4867, has been identified in the widely used Express.js framework version 4.22.1. The flaw, with a CVSS score of 7.5, resides in the `path-to-regexp` dependency, a core library for parsing URL paths. This security gap exposes any application built on this specific version of Expr...
A high-severity Regular Expression Denial of Service (ReDoS) vulnerability, tracked as CVE-2026-4867, has been identified in the legacy `path-to-regexp` npm package version 0.1.7. This utility, a core component for parsing URL paths in the Express.js web framework, contains a flawed regex generator that can be exploite...