Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-400

CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,094 vulnerabilities with CWE-400

CVE-2026-4926 HIGH

path-to-regexp vulnerable to Denial of Service via sequential optional groups

CVE-2026-3116 MEDIUM

Improper Input Validation in Zoom Plugin Webhook Handler

CVE-2026-33287 HIGH

LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern

CVE-2026-33285 HIGH

LiquidJS: memoryLimit Bypass through Negative Range Values Leads to Process Crash

CVE-2026-26233 MEDIUM

Denial of Service via HTTP/2 single packet attack on login endpoint

CVE-2026-20084 HIGH

Cisco IOS XE Software 16.6.1-16.6.10, 16.7.1 - Unauthenticated Denial of Service via BOOTP Packet Handling

CVE-2026-33268 MEDIUM

Nanoleaf Lines unauthenticated firmware file store

CVE-2026-28874 HIGH

iOS and iPadOS < 26.4 - Denial of Service

CVE-2026-33538 HIGH

Parse Server: Denial of service via unindexed database query for unconfigured auth providers

CVE-2026-33474 MEDIUM

Vikunja Affected by DoS via Image Preview Generation

CVE-2026-30662 MEDIUM

ConcreteCMS 9.4.7 - Authenticated Denial of Service via File Manager Bulk Download

CVE-2026-30653 HIGH

free5gc < 4.2.0 - Denial of Service via AMF HandleAuthenticationFailure

CVE-2026-4727 HIGH

Denial-of-service in the Libraries component in NSS

CVE-2026-4726 HIGH

Firefox and Thunderbird - Denial of Service in XML Component

CVE-2026-4704 HIGH

Denial-of-service in the WebRTC: Signaling component

CVE-2026-33176 HIGH

ActiveSupport < 8.1.2.1, < 8.0.4.1, < 7.2.3.1 - Denial of Service via BigDecimal Scientific Notation Expansion

CVE-2026-33169 MEDIUM

Active Support <8.1.2.1/8.0.4.1/7.2.3.1 - DoS

CVE-2026-4539 LOW

pygments archetype.py AdlLexer redos

CVE-2026-33204 HIGH

SimpleJWT <1.1.1 PBES2 JWE Header - Denial of Service

CVE-2026-33155 HIGH

DeepDiff has Memory Exhaustion DoS through SAFE_TO_IMPORT

CVE-2026-33123 MEDIUM

pypdf has inefficient decoding of array-based streams

CVE-2026-25667 HIGH

.NET 8.0.0-8.0.21 and 9.0.0-9.0.10 - Uncontrolled Resource Consumption via Crafted QUIC Packet

CVE-2026-29856 HIGH

aaPanel 7.57.0 - Regular Expression Denial of Service in VirtualHost Configuration Parser

CVE-2026-27980 HIGH

Next.js: Unbounded next/image disk cache growth can exhaust storage

CVE-2026-25771 MEDIUM

Wazuh Vulnerable to Denial of Service via Synchronous I/O Blocking in Asynchronous Authentication Middleware

Previous Page 11 of 124 Next

Details

Vulnerabilities 3,094

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy