diff --git a/lib/api/apiUtils/bucket/parseLikeExpression.js b/lib/api/apiUtils/bucket/parseLikeExpression.js
index 0b85cfa6d8..210949eb85 100644
--- a/lib/api/apiUtils/bucket/parseLikeExpression.js
+++ b/lib/api/apiUtils/bucket/parseLikeExpression.js
@@ -13,7 +13,9 @@ function parseLikeExpression(regex) {
     }
     const pattern = split.slice(1, split.length - 1).join('/');
     const regexOpt = split[split.length - 1];
-    return { $regex: new RegExp(pattern), $options: regexOpt };
+    // Escape regex special characters to prevent ReDoS
+    const escapedPattern = pattern.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+    return { $regex: new RegExp(escapedPattern), $options: regexOpt };
 }
 module.exports = parseLikeExpression;
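Review bot: Escaping every regex metacharacter in `pattern` turns the `$regex` into a literal substring match, so a caller-supplied `/foo.*bar/i` now matches only the text `foo.*bar`; the hunk removes ReDoS exposure by removing regex semantics entirely, which is a behavioral change the comment does not state and that callers of the `/pattern/flags` form (parsed above this hunk, outside my view) may depend on. If literal matching is the intent, say so: `// Treat the pattern as a literal: all regex metacharacters are escaped, so wildcards/anchors are not supported (prevents ReDoS)`. If regex semantics must be kept, a length or nesting limit on `pattern` plus a test that rejects a known-quadratic pattern would be the alternative. Either way a unit test pinning that `parseLikeExpression('/a.*b/i').$regex.source === 'a\\.\\*b'` would document the chosen contract. Note that `regexOpt` is still passed unvalidated as `$options`; the function's opening lines are outside the hunk.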