CWE-186— Overly Restrictive Regular Expression
A regular expression is overly restrictive, which prevents dangerous values from being detected.— MITRE CWE catalog
2 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-186page 1 of 1
- CVE-2025-46821MEDIUMCVSS 5.3EG 5.32025-05-07
Envoy is a cloud-native edge/middle/service proxy. Prior to versions 1.34.1, 1.33.3, 1.32.6, and 1.31.8, Envoy's URI template matcher incorrectly excludes the `*` character from a set of valid characters in the URI path. As a result URI pa…
- CVE-2026-47241LOWCVSS 2.1EG 2.12026-06-09
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent v…
Map vulnerabilities like CWE-186 to your infrastructure
EchelonGraph correlates every CVE — across CWE-186 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →