cbcvebase.
CVE-2026-25680
published 2026-05-22

CVE-2026-25680: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.

PriorityP427medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
EPSS
0.25%
16.0th percentile
Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.

Affected

480 ranges· showing 25
VendorProductVersion rangeFixed in
3scale-amp23scale-operator-bundle
3scale-amp23scale-rhel7-operator
3scale-amp23scale-rhel9-operator
advanced-cluster-securityrhacs-main-rhel9
advanced-cluster-securityrhacs-operator-bundle
advanced-cluster-securityrhacs-rhel9-operator
advanced-cluster-securityrhacs-roxctl-rhel9
advanced-cluster-securityrhacs-scanner-rhel8
advanced-cluster-securityrhacs-scanner-rhel9
advanced-cluster-securityrhacs-scanner-slim-rhel8
advanced-cluster-securityrhacs-scanner-slim-rhel9
advanced-cluster-securityrhacs-scanner-v4-rhel9
ansible-automation-platform-26receptor-rhel9
ansible-automation-platform-27receptor-rhel9
assistedagent-preinstall-image-builder-rhel9
cert-managercert-manager-istio-csr-rhel9
cert-managercert-manager-trust-manager-rhel9
cert-managerjetstack-cert-manager-acmesolver-rhel9
cert-managerjetstack-cert-manager-rhel9
complianceopenshift-compliance-operator-bundle
complianceopenshift-file-integrity-operator-bundle
complianceopenshift-file-integrity-rhel8-operator
complianceopenshift-selinuxd-rhel10
complianceopenshift-selinuxd-rhel8
complianceopenshift-selinuxd-rhel9

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
cvelistv5v3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.