CVE-2025-5891 Information

Description

A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Reference

https://gist.github.com/mmmsssttt404/407e2ffe3e0eaa393ad923a86316a385 https://github.com/Unitech/pm2/pull/5971 https://github.com/Unitech/pm2/pull/5971 https://vuldb.com/?ctiid.311662 https://vuldb.com/?id.311662 https://vuldb.com/?submit.585750