diff --git a/java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll b/java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll
index 000c247fc71..d006837466b 100644
--- a/java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll
+++ b/java/ql/lib/semmle/code/java/security/regexp/ExponentialBackTracking.qll
@@ -115,6 +115,7 @@ private newtype TStatePair =
 private int rankState(State state) {
   state =
     rank[result](State s, Location l |
+      stateInsideBacktracking(s) and
       l = s.getRepr().getLocation()
     |
       s order by l.getStartLine(), l.getStartColumn(), s.toString()
diff --git a/javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll b/javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll
index 000c247fc71..d006837466b 100644
--- a/javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll
+++ b/javascript/ql/lib/semmle/javascript/security/regexp/ExponentialBackTracking.qll
@@ -115,6 +115,7 @@ private newtype TStatePair =
 private int rankState(State state) {
   state =
     rank[result](State s, Location l |
+      stateInsideBacktracking(s) and
       l = s.getRepr().getLocation()
     |
       s order by l.getStartLine(), l.getStartColumn(), s.toString()
diff --git a/python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll b/python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll
index 000c247fc71..d006837466b 100644
--- a/python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll
+++ b/python/ql/lib/semmle/python/security/regexp/ExponentialBackTracking.qll
@@ -115,6 +115,7 @@ private newtype TStatePair =
 private int rankState(State state) {
   state =
     rank[result](State s, Location l |
+      stateInsideBacktracking(s) and
       l = s.getRepr().getLocation()
     |
       s order by l.getStartLine(), l.getStartColumn(), s.toString()
diff --git a/ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll b/ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll
index 000c247fc71..d006837466b 100644
--- a/ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll
+++ b/ruby/ql/lib/codeql/ruby/security/regexp/ExponentialBackTracking.qll
@@ -115,6 +115,7 @@ private newtype TStatePair =
 private int rankState(State state) {
   state =
     rank[result](State s, Location l |
+      stateInsideBacktracking(s) and
       l = s.getRepr().getLocation()
     |
       s order by l.getStartLine(), l.getStartColumn(), s.toString()