PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-15154 Red Hat CVE debrief

A Regular Expression Denial of Service (ReDoS) vulnerability was found in `guardrails-detectors`, a component of Red Hat OpenShift AI. This vulnerability allows a remote attacker to provide specially crafted regular expressions to the public detection API, causing catastrophic backtracking, leading to a worker process consuming 100% CPU indefinitely and resulting in a denial of service for the entire guardrails-mediated LLM pipeline. The vulnerability has a CVSS score of 6.5 and a severity of MEDIUM.

Vendor
Red Hat
Product
Red Hat OpenShift AI (RHOAI)
CVSS
MEDIUM 6.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-08
Original CVE updated
2026-07-10
Advisory published
2026-07-08
Advisory updated
2026-07-10

Who should care

Users of Red Hat OpenShift AI should be aware of this vulnerability and take steps to mitigate it, as it can cause a denial of service for the entire guardrails-mediated LLM pipeline. This includes operators, platform administrators, vulnerability management teams, and security teams who need to review and apply patches or mitigations.

Technical summary

The CVE-2026-15154 vulnerability is a Regular Expression Denial of Service (ReDoS) issue in the `guardrails-detectors` component of Red Hat OpenShift AI. The vulnerability allows a remote attacker to provide specially crafted regular expressions to the public detection API, causing catastrophic backtracking, leading to a worker process consuming 100% CPU indefinitely and resulting in a denial of service for the entire guardrails-mediated LLM pipeline. Users of Red Hat OpenShift AI should be aware of this vulnerability and take steps to mitigate it.

Defensive priority

Medium priority should be given to addressing this vulnerability, as it can cause a denial of service.

Recommended defensive actions

  • Inventory and review instances of Red Hat OpenShift AI for exposure
  • Apply vendor patches or mitigations
  • Monitor for suspicious activity
  • Implement compensating controls
  • Verify and validate the configuration of guardrails-detectors
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

The CVE record was published on 2026-07-08T20:16:48.430Z and was last modified on 2026-07-10T15:24:29.933Z. The NVD entry is currently Analyzed. This information is based on the provided source corpus. Further verification by defenders is recommended to ensure accuracy and completeness of the information.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-08T20:16:48.430Z and has not been modified since then. The NVD entry is currently Analyzed.