1. CVE-2016-10539: High-Severity ReDoS Vulnerability in Node.js 'negotiator' Library Affects Express, Koa
A high-severity Regular Expression Denial of Service (ReDoS) vulnerability, tracked as CVE-2016-10539, has been identified in the widely-used Node.js HTTP content negotiation library `negotiator`. The flaw resides in versions 0.6.0 and earlier, where the parsing of the "Accept-Language" HTTP header can be exploited. An...