2 vulnerabilities classified as CWE-624 (Executable Regular Expression Error). AI Chinese analysis included.
CWE-624 represents a critical weakness where regular expressions contain executable components influenced by user-controlled inputs or allow execution via inserted pattern modifiers. This vulnerability is typically exploited when attackers manipulate input to inject malicious code into the regex engine, effectively turning pattern matching into arbitrary code execution. For instance, in PHP’s preg_replace() function, an attacker might supply a string containing special modifiers that alter the regex behavior, leading to unintended side effects or remote code execution. To prevent this, developers must strictly validate and sanitize all user inputs before they are incorporated into regular expression patterns. Additionally, using safe APIs that do not support executable regex features or employing static analysis tools to detect dangerous patterns can significantly mitigate the risk of such exploits.
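
As a sketch of the static-analysis mitigation mentioned above, the following added example (not code from this page or from the projects listed here) scans PHP source for `preg_replace()` calls whose pattern literal carries the `e` modifier or is assembled from variables. The sample PHP, function names and finding labels are constructed for illustration; "dynamic-pattern" findings are prompts for manual review, not confirmed flaws.

```python
import re

CALL = re.compile(r"\bpreg_replace\s*\(\s*", re.I)
# A quoted PHP string literal, then "." (concatenation) or "," (next argument).
LITERAL = re.compile(r"""(['"])((?:\\.|(?!\1).)*)\1\s*([.,])""", re.S)
CLOSERS = {"(": ")", "[": "]", "{": "}", "<": ">"}  # bracket-style PCRE delimiters


def modifiers(pattern):
    """Return the modifier letters that follow the closing PCRE delimiter."""
    if not pattern:
        return ""
    closer = CLOSERS.get(pattern[0], pattern[0])
    end = pattern.rfind(closer)
    return pattern[end + 1:] if end > 0 else ""


def scan(php_source):
    """Return (line_number, finding) for each preg_replace() call worth review."""
    findings = []
    for call in CALL.finditer(php_source):
        line = php_source.count("\n", 0, call.start()) + 1
        lit = LITERAL.match(php_source, call.end())
        if lit is None:  # first argument is a variable or expression
            findings.append((line, "dynamic-pattern"))
            continue
        quote, body, following = lit.groups()
        if "e" in modifiers(body):  # replacement is evaluated as PHP code
            findings.append((line, "e-modifier"))
        elif following == "." or (quote == '"' and "$" in body):
            findings.append((line, "dynamic-pattern"))  # modifiers not fixed
    return findings


# Constructed sample input; variable names are hypothetical.
SAMPLE = r'''<?php
// constructed sample for the scanner
$a = preg_replace('/\[b\](.*?)\[\/b\]/e', 'strtoupper("$1")', $body);
$b = preg_replace('/' . $_GET['find'] . '/', '', $body);
$c = preg_replace("/$word/i", '*', $body);
$d = preg_replace($pattern, '', $body);
$e = preg_replace('/\s+/', ' ', $body);
$f = preg_replace_callback('/\d+/', 'double_it', $body);
'''

if __name__ == "__main__":
    for line, finding in scan(SAMPLE):
        print(f"line {line}: {finding}")
```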

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25237 | PEAR is Vulnerable to PHP Code Execution via preg_replace /e in Bug Update Emails — pearweb | 9.8 (AI) | Critical (AI) | 2026-02-03 |
| CVE-2024-41655 | TF2 Item Format Regular Expression Denial of Service vulnerability — node-tf2-item-format | 7.5 | High | 2024-07-23 |

2 CVEs are classified as CWE-624 (Executable Regular Expression Error). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.