Company
Date Published
Author
Alyssa Miller
Word count
1125
Language
English
Hacker News points
None

Summary

The Snyk Monthly Vulnerability Profile highlights a Regular Expression Denial of Service (ReDoS) vulnerability in the popular UAParser JavaScript package, reported to Snyk by third-party researcher Yeting Li. An attacker-controlled input string forces the package's regex processing into catastrophic backtracking, so a single request can pin the CPU and leave the server unresponsive or crash it. The Snyk Research team investigated and worked with Li and the package maintainer on responsible disclosure and a fix. Snyk's dependency analysis found that nearly 21,000 packages depend on vulnerable versions; surfacing those dependencies lets developers identify and fix the issue quickly.
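The mechanism behind the profile, catastrophic backtracking and the two usual mitigations (an unambiguous pattern and an input-length cap), as an added example. This is not code from the Snyk post or from UAParser: the `VULNERABLE` and `HARDENED` patterns are constructed for illustration and are not the package's regexes, the `UA_MAX_LENGTH` value of 350 is an assumed cap, and the `a...a!` payload is a constructed input chosen so that the overall match fails only after every backtracking path has been tried.

```javascript
'use strict';

// Constructed demo pattern, NOT the ua-parser-js regex: the nested quantifiers
// in (\w+\s?)* let a run of word characters be split into "words" in 2^(n-1)
// ways. When the final "$" fails (the input ends in "!"), the engine
// backtracks through every split before returning false.
const VULNERABLE = /^(\w+\s?)*$/;

// Same language, written without ambiguity: one word, then zero or more
// (whitespace + word) groups, then optional trailing whitespace. Each character
// can be consumed in exactly one way, so failure is detected in linear time.
const HARDENED = /^(?:\w+(?:\s\w+)*\s?)?$/;

// Assumed input cap, modelled on the common ReDoS mitigation of bounding the
// string before any regex sees it. The exact number is an assumption here.
const UA_MAX_LENGTH = 350;

// High-resolution clock where available (Node 16+ exposes performance globally).
const now = () =>
  typeof performance !== 'undefined' ? performance.now() : Date.now();

// Run one test() and report the wall-clock cost in milliseconds.
function timeMatch(re, input) {
  const start = now();
  const matched = re.test(input);
  return { matched, ms: now() - start };
}

// Attacker-style payload (constructed): n word characters followed by one
// character that makes the overall match fail, so every path is explored.
function maliciousInput(n) {
  return 'a'.repeat(n) + '!';
}

// Guarded matcher: refuse over-long input before the regex runs at all.
// Returns null when the input is rejected, otherwise the boolean match result.
function guardedTest(re, input, maxLength = UA_MAX_LENGTH) {
  if (typeof input !== 'string' || input.length > maxLength) return null;
  return re.test(input);
}

// Compare both patterns on the same payload. Raising n by one roughly doubles
// the vulnerable pattern's cost while the hardened one stays flat.
function compare(n) {
  const input = maliciousInput(n);
  return {
    n,
    vulnerable: timeMatch(VULNERABLE, input),
    hardened: timeMatch(HARDENED, input),
  };
}

for (const n of [14, 18, 22]) {
  const r = compare(n);
  console.log(
    `n=${r.n}: vulnerable ${r.vulnerable.ms.toFixed(1)} ms, ` +
      `hardened ${r.hardened.ms.toFixed(3)} ms`
  );
}
```

Both patterns accept and reject the same strings; only the cost of rejection differs, which is exactly why ReDoS bugs survive functional testing. In a server, `guardedTest` (or an equivalent length check at the HTTP layer) is the cheap defence to deploy first, because it bounds the work regardless of which regex is behind it; rewriting the pattern is the real fix.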