CVE-2026-29856 - Vulnerability Analysis
HighCVSS: 7.5Last Updated: March 19, 2026
aaPanel - Denial of Service
Overview
aaPanel v7.57.0 contains a Regular Expression Denial of Service caused by improper VirtualHost configuration parsing, letting attackers cause denial of service via crafted input, exploit requires no special privileges.
Severity & Score
Impact
Attackers can cause denial of service by exhausting server resources through crafted input.
Mitigation
Update to the latest version of aaPanel.
References
Social Media Activity(2 posts)
š CVE-2026-29856 - High (7.5) An issue in the VirtualHost configuration handling/parser component of aaPanel v7.57.0 allows attackers to cause a Regular Expression Denial of Service (ReDoS) via a crafted input. š https://www.thehackerwire.com/vulnerability/CVE-2026-29856/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postš CVE-2026-29856 - High (7.5) An issue in the VirtualHost configuration handling/parser component of aaPanel v7.57.0 allows attackers to cause a Regular Expression Denial of Service (ReDoS) via a crafted input. š https://www.thehackerwire.com/vulnerability/CVE-2026-29856/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-29856
- Severity
- High
- CVSS Score
- 7.5
- Type
- denial_of_service
- Status
- confirmed
- EPSS
- 3.8%
- Social Posts
- 2
CWE
- CWE-400
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H