RaTeX CVE-2026-53530
HIGHSeverity by source
Untrusted-input render services make it network-reachable with a deterministic single string (AV:N/AC:L/PR:N/UI:N); impact is process-aborting DoS only (A:H, C:N/I:N).
Estimated by vuln.today — no official severity rating has been published for this CVE yet.
Lifecycle Timeline
1DescriptionCVE.org
Summary
The public parser entrypoint ratex_parser::parse(&str) panics on the 9-byte input \verbéxé (i.e. \verb followed by the non-ASCII delimiter é). When handling a \verb command, the parser slices the verbatim argument with byte indices (arg[1..arg.len() - 1]); if the delimiter character is multibyte UTF-8, index 1 lands inside that character and Rust panics with *“byte index 1 is not a char boundary”*. Because RaTeX’s release profile sets panic = "abort" (Cargo.toml:48), the panic aborts the entire process - not just the current request/thread - making this a hard denial of service for any service that renders untrusted LaTeX.
Details
Affected code
crates/ratex-parser/src/parser.rs, parse_symbol_inner:
if let Some(stripped) = text.strip_prefix("\\verb") { // parser.rs:901
self.consume();
let arg = stripped.to_string(); // e.g. "éxé"
let star = arg.starts_with('*');
let arg = if star { &arg[1..] } else { &arg }; // parser.rs:905 (also byte-sliced)
if arg.len() < 2 { // byte length
return Err(ParseError::new("\\verb assertion failed", Some(&nucleus)));
}
let body = arg[1..arg.len() - 1].to_string(); // parser.rs:910 <-- PANIC on multibyte delimiter
...
}For input \verbéxé: arg = "éxé", where é = U+00E9 (bytes C3 A9). arg.len() is the byte length (5), the < 2 guard passes, and arg[1..4] starts at byte index 1 - inside the first é (bytes 0..2) - so the slice panics. The lexer groups \verb<delim>…<delim> correctly with char semantics (lexer.rs lex_verb); only the parser mishandles it.
PoC
<img width="1109" height="205" alt="image" src="https://github.com/user-attachments/assets/cd4bc6ae-23dd-458f-826c-6ce4e85c7005" />
$ printf '\\verb\xc3\xa9x\xc3\xa9\n' | ./target/release/parse
thread 'main' panicked at crates/ratex-parser/src/parser.rs:910:27:
start byte index 1 is not a char boundary; it is inside 'é' (bytes 0..2 of string)
Aborted (core dumped)
# exit 134 - panic=abort kills the whole processImpact
Any application that renders untrusted LaTeX through RaTeX (web “render this math” endpoint, WASM in-browser use, the FFI embedded in another app) can be crashed by a tiny string. With panic = "abort" in release builds, the crash takes down the whole process / server, so a single malicious formula causes a full-service DoS (and, in batch pipelines, drops all queued work).
Remediation
Slice by character boundaries instead of byte indices, mirroring the UTF-8-correct logic the lexer already uses. For example:
let chars: Vec<char> = arg.chars().collect();
if chars.len() < 2 { return Err(ParseError::new("\\verb assertion failed", Some(&nucleus))); }
let body: String = chars[1..chars.len() - 1].iter().collect();(Apply the same char-aware handling to the * strip at parser.rs:905.) More broadly, consider not using panic = "abort" for builds embedded in long-running services, and/or wrapping parsing in catch_unwind at the FFI/WASM boundary - but the byte-slice fix is the direct correction.
AnalysisAI
Denial of service in RaTeX, a Rust LaTeX-rendering library (crate ratex-parser), lets remote attackers crash any service that parses untrusted LaTeX by submitting a 9-byte \verb command whose delimiter is a multibyte UTF-8 character (e.g. \verbéxé). …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Requires that the target parse attacker-controlled input through RaTeX's public entrypoint `ratex_parser::parse(&str)` (or a service/WASM/FFI wrapper around it) and that the input contain a `\verb` command whose delimiter is a multibyte UTF-8 character - the minimal trigger is `\verb` followed by `é` around a body, e.g. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | No CVSS or EPSS score was supplied and the CVE is not in CISA KEV, so priority must be reasoned from the description. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker locates a public web service that renders user-submitted LaTeX/math via RaTeX and submits the 9-byte formula `\verbéxé`. The parser panics inside the multibyte `é` delimiter and, because of `panic = "abort"`, the whole rendering process crashes, taking down the service for all users; a working PoC command is published in the advisory, and the same string repeated causes a persistent, low-effort DoS. |
| Remediation | No vendor-released patched version is identified from the available data, but the advisory provides a concrete upstream code fix: replace the byte-index slices in `parse_symbol_inner` with char-aware handling - collect `arg.chars().collect::<Vec<char>>()`, check `chars.len() < 2`, and build the body from `chars[1..chars.len()-1]` - applying the same char-based logic to the `*` strip at parser.rs:905. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: identify all internal services and dependencies using ratex-parser crate via software composition analysis. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-248 – Uncaught Exception
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-4hgp-59h5-gvrj