Skip to main content

guardrails-detectors CVE-2026-15154

| EUVDEUVD-2026-42382 MEDIUM
Inefficient Regular Expression Complexity (ReDoS) (CWE-1333)
2026-07-08 secalert@redhat.com GHSA-jm96-7wvj-j3r9
6.5
CVSS 3.1 · Vendor: redhat
Share

Severity by source

Vendor (redhat) PRIMARY
6.5 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
7.5 HIGH

Description references a 'public detection API' implying network reachability (AV:N over AV:A); no auth or complexity required; impact is availability-only.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Primary rating from Vendor (redhat).

CVSS VectorVendor: redhat

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jul 08, 2026 - 20:59 vuln.today

DescriptionCVE.org

A flaw was found in guardrails-detectors, a component of Red Hat OpenShift AI. This vulnerability, known as Regular Expression Denial of Service (ReDoS), allows a remote attacker to provide specially crafted regular expressions to the public detection API. This can cause catastrophic backtracking, leading to a worker process consuming 100% CPU indefinitely and resulting in a denial of service for the entire guardrails-mediated LLM pipeline.

AnalysisAI

ReDoS vulnerability in the guardrails-detectors component of Red Hat OpenShift AI enables adjacent-network attackers to submit specially crafted regular expressions to the public detection API, triggering catastrophic backtracking that pins a worker process at 100% CPU indefinitely. The availability impact extends beyond the component itself - the entire guardrails-mediated LLM pipeline is rendered non-functional. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Gain adjacent network access to OpenShift AI segment
Delivery
Identify guardrails-detectors public detection API endpoint
Exploit
Craft malicious ReDoS regex payload with exponential backtracking pattern
Install
Submit payload to detection API with no credentials
C2
Trigger catastrophic backtracking in regex engine
Execute
Worker process saturates CPU indefinitely
Impact
Entire guardrails-mediated LLM pipeline enters denial of service

Vulnerability AssessmentAI

Exploitation The attacker must have network access to the adjacent network segment hosting the guardrails-detectors API (AV:A per vendor CVSS - same subnet, VLAN, or internal network zone). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor-supplied CVSS vector (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) rates this 6.5 Medium, with the AV:A (adjacent network) metric being the primary risk-limiting factor - the attack surface is constrained to callers sharing the same network segment, VLAN, or API-accessible zone rather than the open internet. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with access to the same network segment as the OpenShift AI deployment submits a specially crafted regular expression - such as a pattern with exponential alternation like `(a+)+$` against a non-matching input - to the guardrails-detectors public detection API. The regex engine enters catastrophic backtracking, pegging one or more worker processes at 100% CPU with no timeout or recovery path, rendering the guardrails-mediated LLM inference pipeline completely unavailable to all users.
Remediation Apply the vendor-released patch for the guardrails-detectors component of Red Hat OpenShift AI; consult https://access.redhat.com/security/cve/CVE-2026-15154 for the specific patched version and errata - exact fix version numbers are not independently confirmed from available data. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-15154 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy