CVE-2026-55470 | HAPI FHIR 5.4.0/6.4.0 FHIRPathEngine.matches redos

SecurityVulns

A vulnerability categorized as problematic has been discovered in HAPI FHIR 5.4.0/6.4.0. This impacts the function FHIRPathEngine.matches. Such manipulation leads to inefficient regular expression complexity.

This vulnerability is referenced as CVE-2026-55470. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More