{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T15:22:56.025","vulnerabilities":[{"cve":{"id":"CVE-2026-22809","sourceIdentifier":"security-advisories@github.com","published":"2026-01-13T20:16:11.263","lastModified":"2026-01-20T16:49:02.293","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, a Regular Expression Denial of Service (ReDoS) vulnerability was identified in tarteaucitron.js in the handling of the issuu_id parameter. This vulnerability is fixed in 1.29.0."},{"lang":"es","value":"tarteaucitron.js es un banner de cookies conforme y accesible. Antes de la versión 1.29.0, se identificó una vulnerabilidad de denegación de servicio por expresión regular (ReDoS) en tarteaucitron.js en el manejo del parámetro issuu_id. Esta vulnerabilidad está corregida en la versión 1.29.0."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-1333"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:amauri:tarteaucitronjs:*:*:*:*:*:node.js:*:*","versionEndExcluding":"1.29.0","matchCriteriaId":"0BEC3231-9805-4074-93EB-2CCB444A1CA5"}]}]}],"references":[{"url":"https://github.com/AmauriC/tarteaucitron.js/commit/f0bbdac2fdf3cd24a325fc0928c0d34abf1b7b52","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/AmauriC/tarteaucitron.js/security/advisories/GHSA-q5f6-qxm2-mcqm","source":"security-advisories@github.com","tags":["Vendor Advisory","Patch"]}]}}]}