CVE-2026-46378: Unbounded Peek Loop

Provally Curated | Public repository | High | Medium confidence | Verified | Apache-2.0 | go
greprules fetch cve-2026-46378-unbounded-peek-loop --engine opengrep

Description

A lexer or parser loop iterates based solely on a negated peek/match function without checking for the end of the input (EOF). If the peek function handles out-of-bounds by returning false, the negation will evaluate to true at EOF, resulting in an infinite loop (Denial of Service). Ensure buffer boundaries are explicitly checked in the loop condition (e.g.,
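The loop shape described above, next to a bounded version, as an added Go example that is not part of the rule or its repository. The names `peek`, `scanUnbounded` and `scanBounded`, the step budget that stands in for "forever", and the inputs are all constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

var (
	errBudget       = errors.New("step budget exhausted: loop would never terminate")
	errUnterminated = errors.New("unterminated string literal")
)

// peek reports whether src[pos] == c; out of bounds it returns false, not a panic.
func peek(src []byte, pos int, c byte) bool {
	return pos < len(src) && src[pos] == c
}

// scanUnbounded is the flagged pattern: the loop condition is only !peek.
// The budget (an addition for this demo) stands in for "forever".
func scanUnbounded(src []byte, budget int) (int, error) {
	pos := 0
	for steps := 0; !peek(src, pos, '"'); steps++ {
		if steps >= budget {
			return pos, errBudget
		}
		pos++
	}
	return pos, nil
}

// scanBounded checks the buffer boundary in the loop condition; EOF is an error.
func scanBounded(src []byte) (int, error) {
	pos := 0
	for pos < len(src) && !peek(src, pos, '"') {
		pos++
	}
	if pos >= len(src) {
		return pos, errUnterminated
	}
	return pos, nil
}

func main() {
	for _, in := range []string{`abc"`, `abc`} { // constructed inputs
		p1, e1 := scanUnbounded([]byte(in), 1000)
		p2, e2 := scanBounded([]byte(in))
		fmt.Printf("%q unbounded: pos=%d err=%v | bounded: pos=%d err=%v\n", in, p1, e1, p2, e2)
	}
}
```

On the input without a closing quote, the unbounded loop runs past the end of the buffer until the budget stops it, while the bounded loop stops at the buffer length and returns an error.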

Detection target

Not provided

Recommended fix

Not provided

False-positive notes

Not provided
