/tags/cve-2025-3263/ Recent content in CVE-2025-3263 on Arjun's Blog Hugo en Mon, 27 Apr 2026 00:00:00 +0000 /posts/6-redos-vulnerability-automation-with-ai/ Mon, 27 Apr 2026 00:00:00 +0000 /posts/6-redos-vulnerability-automation-with-ai/ <p>The idea started while browsing <a href="https://huntr.com/bounties/hacktivity" target="_blank" rel="noopener noreferrer">Huntr&rsquo;s hacktivity</a> feed. I saw a ReDoS vulnerability reported in HuggingFace Transformers and wondered how many more might be hiding in there. Manually reviewing regex patterns sounded tedious and I only have the attention span of a Skink, so naturally I spent time building a tool to avoid doing it myself. That laziness paid off — 6 CVEs and $750, to be exact.</p> <h2 id="what-even-is-redos">What Even is ReDoS?</h2> <p>Before we dive in, let me explain what ReDoS (Regular Expression Denial of Service) is for the uninitiated.</p>