CVE-2026-40319
Received Received - Intake
Catastrophic Backtracking in Giskard RegexMatching Causes Hang

Publication date: 2026-04-17

Last updated on: 2026-04-24

Assigner: GitHub, Inc.

Description
Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes a user-supplied regular expression pattern directly to Python's re.search() without any timeout or complexity guard. A crafted regex pattern can trigger catastrophic backtracking, causing the process to hang indefinitely. Exploitation requires write access to a check definition and subsequent execution of the test suite. This issue has been fixed in giskard-checks version 1.0.2b1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-17
Last Modified
2026-04-24
Generated
2026-06-16
AI Q&A
2026-04-17
EPSS Evaluated
2026-06-15
NVD
CVE-2026-40319
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
giskard giskard to 1.0.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1333 The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Giskard open-source testing framework for AI models, specifically in versions prior to 1.0.2b1. The issue is in the RegexMatching check, which takes a user-supplied regular expression pattern and passes it directly to Python's re.search() function without any timeout or complexity safeguards.

A maliciously crafted regex pattern can cause catastrophic backtracking, which leads to the process hanging indefinitely. To exploit this vulnerability, an attacker needs write access to a check definition and must then execute the test suite.

This vulnerability has been fixed in giskard-checks version 1.0.2b1.

Impact Analysis

The primary impact of this vulnerability is that an attacker with write access to a check definition can cause the testing process to hang indefinitely by supplying a crafted regex pattern. This can lead to denial of service conditions where the test suite becomes unresponsive.

Mitigation Strategies

To mitigate this vulnerability, upgrade giskard-checks to version 1.0.2b1 or later, where the issue has been fixed.

Additionally, restrict write access to check definitions to prevent untrusted users from supplying malicious regular expressions.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-40319. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart