Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-248

CWE-248

Uncaught Exception

Parent: CWE-705 - Incorrect Control Flow Scoping

An exception is thrown from a function, but it is not caught.

206 vulnerabilities with CWE-248

CVE-2026-33191 HIGH

free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error

CVE-2026-32770 MEDIUM

Parse Server: LiveQuery subscription with invalid regular expression crashes server

CVE-2026-32314 HIGH

Yamux remote Panic via malformed Data frame with SYN set and len = 262145

CVE-2026-31949 MEDIUM

LibreChat < 0.8.3-rc1 - Authenticated Denial of Service via Malformed DELETE /api/convos Request

CVE-2026-2229 HIGH

undici < 6.24.0 and 7.0.0-7.24.0 - Denial of Service via Invalid server_max_window_bits Parameter

CVE-2026-1528 HIGH

undici 6.0.0-6.23.9 7.0.0-7.23.9 - Denial of Service via WebSocket Frame Length Overflow

CVE-2026-31870 HIGH

cpp-httplib < 0.37.1 - Unauthenticated Denial of Service via Unhandled Content-Length Exception

CVE-2026-31812 HIGH

quinn-proto < 0.11.14 - Unauthenticated Denial of Service via Malformed QUIC Transport Parameters

CVE-2026-20068 MEDIUM

Cisco Snort 3 Detection Engine - Unauthenticated Denial of Service via RPC Packet Parsing

CVE-2026-20031 MEDIUM

ClamAV - Denial of Service via Crafted HTML File with UTF-8 String Handling

CVE-2026-27631 MEDIUM

exiv2 < 0.28.8 - Denial of Service via Preview Command Line Argument

CVE-2026-27819 HIGH

Vikunja < 2.0.0 - Path Traversal and Denial of Service via Malicious ZIP Archive

CVE-2026-1507 HIGH

AVEVA PI Data Archive PI Server < 2018_SP3_Patch_7 - Unauthenticated Denial of Service via Uncaught Exception

CVE-2026-25577 HIGH

emmett-core < 1.3.11 - Unauthenticated Denial of Service via Malformed Cookie Header

CVE-2026-25128 HIGH

fast-xml-parser 5.0.9-5.3.3 - Denial of Service via Out-of-Range XML Entity Code Points

CVE-2025-15649 MEDIUM

IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date

CVE-2025-24851 MEDIUM

Intel(R) Ethernet Controller E810 <cvl fw 1.7.8.x - DoS

CVE-2025-13064 MEDIUM

Server-Side Injection - Code Injection

CVE-2025-59466 HIGH

Node.js 20.0.0-20.19.1 - Denial of Service via Uncatchable Stack Overflow in async_hooks

CVE-2025-67647 CRITICAL

SvelteKit 2.19.0-2.49.4 - Server-Side Request Forgery and Denial of Service via Prerendered Routes

CVE-2025-66578 MEDIUM

xmlseclibs < 3.1.4 - Authentication Bypass via libxml2 Canonicalization Failure

CVE-2025-20758 MEDIUM

MediaTek NR15 NR16 NR17 NR17R - Remote Denial of Service via Rogue Base Station

CVE-2025-20754 MEDIUM

MediaTek NR15, NR16, NR17, NR17R - Denial of Service via Rogue Base Station

CVE-2025-20753 MEDIUM

MediaTek NR15 and NR16 - Remote Denial of Service via Rogue Base Station

CVE-2025-66305 MEDIUM

Grav < 1.8.0-beta.27 - Denial of Service via Malformed Supported Parameter in Admin Configuration

Previous Page 2 of 9 Next

Details

Vulnerabilities 206

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy