Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-400

CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,094 vulnerabilities with CWE-400

CVE-2026-32588 MEDIUM

Apache Cassandra: Authenticated DoS via ALTER ROLE Password Hashing

CVE-2026-35441 MEDIUM

Directus Affected by GraphQL Alias Amplification Denial-of-Service Due to Missing Query Cost/Complexity Limits

CVE-2026-0049 MEDIUM

Android - Denial of Service via LocalImageResolver Header Decoding

CVE-2026-34148 HIGH

Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution

CVE-2026-26477 MEDIUM

DokuWiki 2025-05-14b - Denial of Service via media_upload_xhr() Function

CVE-2026-34827 HIGH

Rack: Algorithmic-Complexity DoS in Rack::Multipart::Parser

CVE-2026-34593 HIGH

Ash Framework: Ash.Type.Module.cast_input/2 atom exhaustion via unchecked Module.concat allows BEAM VM crash

CVE-2026-34829 HIGH

Rack: Denial of Service via Unbounded Multipart File Upload Without Content-Length

CVE-2026-34826 MEDIUM

Rack: Unbounded Range Count in get_byte_ranges Enables DoS

CVE-2026-34230 MEDIUM

Rack: Quadratic complexity in Rack::Utils.select_best_encoding via wildcard Accept-Encoding header

CVE-2026-31935 HIGH

Suricata http2: unbounded resource consumption

CVE-2026-5316 MEDIUM

Nothings stb stb_vorbis.c setup_free allocation of resources

CVE-2026-22815 HIGH

AIOHTTP: Uncapped memory usage possible through aiohttp allowing unlimited trailer headers

CVE-2026-34445 HIGH

ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings.

CVE-2026-34404 HIGH

Nuxt OG Image vulnerable to DoS via image generation

CVE-2026-34043 MEDIUM

Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects

CVE-2026-33750 MEDIUM

brace-expansion: Zero-step sequence causes process hang and memory exhaustion

CVE-2026-28375 MEDIUM

Grafana Testdata datasource can issue unbounded memory allocations

CVE-2026-27879 MEDIUM

Query resampling can cause unbounded memory allocations

CVE-2026-27859 MEDIUM

OX Dovecot Pro < 2.4.0, < 3.0.2, < 3.1.0 - Uncontrolled Resource Consumption via RFC 2231 MIME Parameters

CVE-2026-27858 HIGH

OX Dovecot Pro < 2.3.0, < 3.1.0, < 2.4.0 - Unauthenticated Denial of Service via Managesieve Memory Allocation

CVE-2026-27857 MEDIUM

OX Dovecot Pro < 2.3.0 - Denial of Service via NOOP Command Memory Exhaustion

CVE-2026-33623 MEDIUM

PinchTab: OS Command Injection via Profile Name in Windows Cleanup Routine Enables Arbitrary Command Execution

CVE-2026-33541 MEDIUM

TSPortal's Uncontrolled User Creation via Validation Side Effects Leads to Potential Denial of Service

CVE-2026-33375 MEDIUM

Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS

Previous Page 10 of 124 Next

Details

Vulnerabilities 3,094

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy