CVE-2026-5986

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Zod jsVideoUrlParser versions up to 0.5.1

Description A weakness exists in Zod jsVideoUrlParser up to version 0.5.1. The issue is related to inefficient regular expression complexity caused by manipulation of the timestamp argument within the getTime function in the lib/util.js library. This can be initiated remotely. The exploit is publicly available.

Recommendations Update to a version beyond 0.5.1.

Exploit

Fix

Resource Exhaustion

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-1333

Related Identifiers

CVE-2026-5986

GHSA-8FGX-WGVR-PCX8

Affected Products

Zod Jsvideourlparser

CVE-2026-5986

Weakness Enumeration

Related Identifiers

Affected Products

References · 10