CVE-2026-40319 Overview
CVE-2026-40319 is a Regular Expression Denial of Service (ReDoS) vulnerability affecting Giskard, an open-source testing framework designed for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes user-supplied regular expression patterns directly to Python's re.search() function without implementing any timeout or complexity guard mechanisms. This oversight allows attackers to craft malicious regex patterns that trigger catastrophic backtracking, causing the process to hang indefinitely and resulting in a denial of service condition.
Critical Impact
An attacker with write access to check definitions can craft a malicious regular expression pattern that causes catastrophic backtracking, leading to indefinite process hangs and denial of service during test suite execution.
Affected Products
- Giskard giskard-checks versions prior to 1.0.2b1
Discovery Timeline
- 2026-04-17 - CVE-2026-40319 published to NVD
- 2026-04-17 - Last updated in NVD database
Technical Details for CVE-2026-40319
Vulnerability Analysis
This vulnerability falls under CWE-1333 (Inefficient Regular Expression Complexity), commonly known as Regular Expression Denial of Service (ReDoS). The core issue resides in how the Giskard framework handles user-supplied regular expression patterns within its RegexMatching check functionality.
When a user defines a check that utilizes regex pattern matching, the pattern is passed directly to Python's native re.search() function without any safeguards. The absence of timeout mechanisms or pattern complexity analysis creates an exploitable condition where carefully crafted regex patterns can trigger exponential backtracking behavior in the regex engine.
Catastrophic backtracking occurs when the regex engine encounters ambiguous patterns with overlapping alternatives and nested quantifiers. For example, patterns with multiple consecutive repetition operators applied to character classes can cause the engine to explore an exponentially growing number of potential matches before ultimately failing.
Root Cause
The root cause of this vulnerability is the direct passage of untrusted user input (regex patterns) to the re.search() function without implementing defensive measures. The code lacks essential safeguards such as regex execution timeouts, pattern complexity analysis, or restrictions on potentially dangerous regex constructs like nested quantifiers and overlapping alternatives.
Attack Vector
Exploitation of CVE-2026-40319 requires local access with write permissions to check definitions within the Giskard framework. An attacker must be able to create or modify a RegexMatching check to inject a malicious regular expression pattern. When the test suite is subsequently executed, the malicious pattern is processed by re.search(), triggering catastrophic backtracking that causes the process to hang indefinitely.
The attack follows this sequence: The attacker first gains write access to check definitions, then crafts a regex pattern designed to cause exponential backtracking (such as patterns with nested quantifiers like (a+)+$ tested against input like "aaaaaaaaaaaaaaaaaaaab"), and finally waits for or triggers execution of the test suite containing the malicious check.
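A timeout guard of the kind the root cause describes as missing, shown as an added example (not Giskard's code and not the fix shipped in 1.0.2b1). The names guarded_search and RegexTimeout are hypothetical; the subject string is constructed, using the same shape as the input quoted above but lengthened so the deadline is reliably reached.

```python
import json
import subprocess
import sys

# Child program: reads [pattern, text] as JSON on stdin.
# Exit code 0 = match, 3 = no match; anything else means the child failed.
_CHILD = (
    "import json, re, sys\n"
    "pattern, text = json.load(sys.stdin)\n"
    "sys.exit(0 if re.search(pattern, text) else 3)\n"
)

class RegexTimeout(Exception):
    """The pattern did not finish within its time budget."""

def guarded_search(pattern, text, timeout_s=2.0):
    """Evaluate re.search(pattern, text) in a child interpreter with a deadline.

    subprocess.run() kills the child when the timeout expires, so a
    backtracking pattern cannot hang the calling test runner.
    """
    try:
        proc = subprocess.run(
            [sys.executable, "-c", _CHILD],
            input=json.dumps([pattern, text]),
            text=True,
            stdout=subprocess.DEVNULL,
            stderr=subprocess.DEVNULL,
            timeout=timeout_s,
        )
    except subprocess.TimeoutExpired:
        raise RegexTimeout(f"{pattern!r} exceeded {timeout_s}s") from None
    if proc.returncode not in (0, 3):
        raise ValueError(f"{pattern!r} could not be evaluated")
    return proc.returncode == 0

if __name__ == "__main__":
    # Constructed input: same shape as the advisory's string, lengthened.
    subject = "a" * 40 + "b"
    print(guarded_search(r"\d+", "order 42"))   # benign pattern completes
    try:
        guarded_search(r"(a+)+$", subject, timeout_s=1.0)
    except RegexTimeout as exc:
        print("blocked:", exc)
```

Each call pays the cost of starting an interpreter, so a real runner would place a whole check or batch of checks behind one deadline rather than a single match.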
Detection Methods for CVE-2026-40319
Indicators of Compromise
- Unexplained process hangs or high CPU utilization during test suite execution in Giskard
- Test suite execution times that increase exponentially without corresponding changes to test data
- Processes stuck in regex evaluation with no progress being made
- Memory consumption spikes associated with regex pattern matching operations
Detection Strategies
- Monitor test suite execution times and alert on significant deviations from baseline
- Implement process-level monitoring for Giskard test runners to detect hanging states
- Review recently modified check definitions for suspicious regex patterns containing nested quantifiers
- Audit check definition changes for patterns matching known ReDoS signatures
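One way to automate the review of check definitions for nested quantifiers, as an added example that is not part of Giskard or of the original advisory. It walks CPython's own regex parse tree (an internal module, so its layout is an assumption tied to CPython); the check names and the SAMPLE_CHECKS patterns are constructed, apart from the pattern the advisory quotes.

```python
import re

try:                        # CPython 3.11+: the parser lives in re._parser
    import re._parser as sre
except ImportError:         # older CPython
    import sre_parse as sre

_REPEATS = (sre.MAX_REPEAT, sre.MIN_REPEAT)

def _subpatterns(av):
    """Yield every SubPattern nested inside a parse-tree argument."""
    if isinstance(av, sre.SubPattern):
        yield av
    elif isinstance(av, (list, tuple)):
        for item in av:
            yield from _subpatterns(item)

def _nested(sub, inside_unbounded):
    """True if an unbounded repeat (+, *, {n,}) sits inside another one."""
    for op, av in sub.data:
        unbounded = op in _REPEATS and av[1] == sre.MAXREPEAT
        if unbounded and inside_unbounded:
            return True
        for child in _subpatterns(av):
            if _nested(child, inside_unbounded or unbounded):
                return True
    return False

def audit_pattern(pattern):
    """Return 'invalid', 'nested-quantifier' or 'ok' for one regex pattern."""
    try:
        tree = sre.parse(pattern)
    except re.error:
        return "invalid"
    return "nested-quantifier" if _nested(tree, False) else "ok"

# Constructed check definitions; the names are hypothetical.
SAMPLE_CHECKS = {
    "order_id": r"^ORD-\d{6}$",
    "greeting": r"(hello|hi)\s+\w+",
    "trailing_as": r"(a+)+$",        # pattern quoted in the advisory
    "words": r"(\w+\s?)*$",
}

def audit_checks(checks):
    """Map each check name to its audit verdict."""
    return {name: audit_pattern(p) for name, p in checks.items()}
```

This is a review aid, not a proof: it flags some harmless patterns such as `(a+b)+` and does not catch overlapping alternatives such as `(a|a)*`, so flagged patterns still need a human look and unflagged ones still need a runtime limit.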
Monitoring Recommendations
- Enable detailed logging for regex pattern execution within the Giskard framework
- Set up alerts for test processes that exceed expected execution time thresholds
- Monitor CPU utilization on systems running Giskard test suites for sustained high usage patterns
- Implement version control and change tracking for all check definitions to identify unauthorized modifications
How to Mitigate CVE-2026-40319
Immediate Actions Required
- Upgrade giskard-checks to version 1.0.2b1 or later immediately
- Review all existing RegexMatching check definitions for potentially malicious or overly complex patterns
- Restrict write access to check definitions to trusted users only
- Implement monitoring for test suite execution anomalies until the patch is applied
Patch Information
The vulnerability has been addressed in giskard-checks version 1.0.2b1. The fix introduces safeguards to prevent catastrophic backtracking scenarios when processing user-supplied regex patterns. Administrators should upgrade to this version or later to remediate the vulnerability.
For detailed release information, refer to the GitHub Release for giskard-checks v1.0.2b1. Additional security details are available in the GitHub Security Advisory GHSA-rq2q-4r55-9877.
Workarounds
- Restrict write access to check definitions to trusted administrators only until the patch can be applied
- Manually review all regex patterns in RegexMatching checks for dangerous constructs like nested quantifiers
- Implement external process timeout mechanisms to kill test processes that exceed reasonable execution times
- Consider temporarily disabling RegexMatching checks in production environments until the upgrade is complete
# Upgrade giskard-checks to the patched version
pip install --upgrade "giskard-checks>=1.0.2b1"
# Verify installed version
pip show giskard-checks | grep Version


