Key Information

Vulnerability Overview

Vulnerability Type: Potential DoS vulnerability
Affected Versions: < 2.9.9
Fixed Version: 2.9.10

Impact Description:

Following the discovery of GHSA-859r-vvv8-rm8r, code review revealed a similar issue. The (and ) action behaves identically, but in this case, the rule author must pass a parameter to the action.

Example:

Impact: If an excessive number of parameters are passed, the engine will store a large number of memory copies, potentially leading to a DoS.

Fix and Mitigation

Patch: Version 2.9.10 will include the fix.
Workaround: If rules do not contain the or action, the engine is unaffected. Otherwise, no known workaround exists.

How to Reproduce

Rule Example:

Request Example:

Example: If there are 500 parameters named , the engine will store its name 500 × 500 times, i.e., 250,000 copies in memory.

Additional Information

CVE ID: CVE-2025-48866

CVSS v3 Base Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Required Privileges: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality: None
- Integrity: None
- Availability: High

Weakness: CWE-1050