Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-130

CWE-130

Improper Handling of Length Parameter Inconsistency

Parent: CWE-240 - Improper Handling of Inconsistent Structural Elements

The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

93 vulnerabilities with CWE-130

CVE-2026-45681 MEDIUM

OpenTelemetry eBPF Instrumentation: CPU-mismatch fallback uses 256-byte buffer with 8KB size

CVE-2026-45615 HIGH

mouse07410/asn1c: 1-byte Heap Out-of-Bounds Read in `INTEGER_decode_oer` via Malformed OER Payload

CVE-2026-48685 MEDIUM

FastNetMon Community Edition <= 1.2.9 - Out-of-Bounds Memory Access via BGP Extended Length Flag Parsing

CVE-2026-9054 CRITICAL

9front - Invalid IP Packets Cause a Kernel Panic

CVE-2026-5766 MEDIUM

Django ASGI File Upload - Memory Limit Bypass DoS

CVE-2026-33846 HIGH

Gnutls: gnutls: denial of service via heap buffer overflow in dtls handshake fragment reassembly

CVE-2026-35547 HIGH

Heap overflow in libnv

CVE-2026-3868 HIGH

Moxa EDR-8010 and EDR-G9010 Series - Unauthenticated Denial of Service via HTTPS Management Interface

CVE-2026-41898 CRITICAL

rust-openssl 0.9.24-0.10.77 - Buffer Overflow

CVE-2026-31635 HIGH

rxrpc: fix oversized RESPONSE authenticator length check

CVE-2026-5367 HIGH

Ovn: ovn: information disclosure via crafted dhcpv6 packets

CVE-2026-5265 MEDIUM

Ovn: ovn: heap over-read in icmp error response generation - security issue

CVE-2026-41035 HIGH

rsync 3.0.1-3.4.1 - Use-After-Free via Untrusted Length Value in receive_xattr

CVE-2026-33555 MEDIUM

HAProxy 2.6-3.3.5 - HTTP/3 Request Smuggling via Empty Payload Frame

CVE-2026-40199 MEDIUM

Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass

CVE-2026-34831 MEDIUM

Rack: Content-Length mismatch in Rack::Files error responses

CVE-2026-33936 MEDIUM

python-ecdsa: Denial of Service via improper DER length validation in crafted private keys

CVE-2026-25572 MEDIUM

SICAM SIAPP SDK <V2.1.7 - Buffer Overflow

CVE-2026-25571 MEDIUM

SICAM SIAPP SDK <V2.1.7 - Buffer Overflow

CVE-2026-22861 HIGH

iccDEV < 2.3.1.2 - Heap-Based Buffer Overflow in SIccCalcOp::Describe()

CVE-2026-22255 HIGH

iccdev < 2.3.1.2 - Heap-Based Buffer Overflow in CIccCLUT::Init()

CVE-2026-22047 HIGH

iccDEV < 2.3.1.2 - Heap-Based Buffer Overflow in SIccCalcOp::Describe()

CVE-2026-22046 HIGH

iccdev < 2.3.1.2 - Heap-Based Buffer Overflow in CIccProfileXml::ParseBasic()

CVE-2025-48022 MEDIUM

Yokogawa Electric Corporation - DoS

CVE-2025-14847 HIGH KEV

MongoDB Memory Disclosure (CVE-2025-14847) - Mongobleed

Page 1 of 4 Next

Details

Vulnerabilities 93

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy