Brace-expansion
This hub aggregates every CVE we track for Brace-expansion, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM2LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
1
1
0
1
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Brace-expansion.
- CVE-2026-45149brace-expansion: Large numeric range defeats documented `max` DoS protection6.5
- CVE-2026-33750brace-expansion: Zero-step sequence causes process hang and memory exhaustion6.5
- CVE-2026-25547Uncontrolled Resource Consumption in @isaacs/brace-expansion8.6
- CVE-2025-5889juliangruber brace-expansion index.js expand redos3.1
- CVE-2017-18077index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks, as demonstrated by an expand argument containing many comma characters.7.5
Product normalization is registry-driven with AI assist and human review. How it works