VYPR
Moderate severityNVD Advisory· Published Jan 13, 2026· Updated Jan 13, 2026

tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

CVE-2026-22809

Description

tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, a Regular Expression Denial of Service (ReDoS) vulnerability was identified in tarteaucitron.js in the handling of the issuu_id parameter. This vulnerability is fixed in 1.29.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
tarteaucitronjsnpm
< 1.29.01.29.0

Affected products

1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.