You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026 35611
About this tag
CVE-2026-35611 is a regular expression denial of service vulnerability in Addressable URI templates. Microsoft describes it as an availability attack risk that can cause total or partial loss of availability in impacted components. The vulnerability allows an attacker to trigger sustained resource exhaustion, making services slow, unresponsive, or completely unavailable. This ReDoS flaw is particularly concerning because it resides in a widely reused dependency, potentially affecting many applications. The tag covers discussions about the technical details, impact, and mitigation strategies for CVE-2026-35611, emphasizing the importance of addressing availability bugs that can be as disruptive as code-execution vulnerabilities.
CVE-2026-35611 is another reminder that availability bugs can be every bit as disruptive as code-execution flaws, especially when they live inside a widely reused dependency. Microsoft describes the issue as a regular expression denial of service in Addressable templates, warning that the...