Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-400

CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

2,909 vulnerabilities with CWE-400

CVE-2026-34593 HIGH

Ash Framework: Ash.Type.Module.cast_input/2 atom exhaustion via unchecked Module.concat allows BEAM VM crash

CVE-2026-34829 HIGH

Rack: Denial of Service via Unbounded Multipart File Upload Without Content-Length

CVE-2026-34826 MEDIUM

Rack: Unbounded Range Count in get_byte_ranges Enables DoS

CVE-2026-34230 MEDIUM

Rack: Quadratic complexity in Rack::Utils.select_best_encoding via wildcard Accept-Encoding header

CVE-2026-31935 HIGH

Suricata http2: unbounded resource consumption

CVE-2026-5316 MEDIUM

Nothings stb stb_vorbis.c setup_free allocation of resources

CVE-2026-22815 HIGH

AIOHTTP: Uncapped memory usage possible through aiohttp allowing unlimited trailer headers

CVE-2026-34445 HIGH

ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings.

CVE-2026-34404 HIGH

Nuxt OG Image vulnerable to DoS via image generation

CVE-2026-34043 MEDIUM

Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects

CVE-2026-33750 MEDIUM

brace-expansion: Zero-step sequence causes process hang and memory exhaustion

CVE-2026-28375 MEDIUM

Grafana Testdata datasource can issue unbounded memory allocations

CVE-2026-27879 MEDIUM

Query resampling can cause unbounded memory allocations

CVE-2026-27859 MEDIUM

OX Dovecot Pro <3.0.2 - DoS

CVE-2026-27858 HIGH

OX Dovecot Pro <2.3.0 - DoS

CVE-2026-27857 MEDIUM

OX Dovecot Pro <2.3.0 - DoS

CVE-2026-33623 MEDIUM

PinchTab: OS Command Injection via Profile Name in Windows Cleanup Routine Enables Arbitrary Command Execution

CVE-2026-33541 MEDIUM

TSPortal's Uncontrolled User Creation via Validation Side Effects Leads to Potential Denial of Service

CVE-2026-33375 MEDIUM

Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS

CVE-2026-4926 HIGH

path-to-regexp vulnerable to Denial of Service via sequential optional groups

CVE-2026-3116 MEDIUM

Improper Input Validation in Zoom Plugin Webhook Handler

CVE-2026-33287 HIGH

LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern

CVE-2026-33285 HIGH

LiquidJS: memoryLimit Bypass through Negative Range Values Leads to Process Crash

CVE-2026-26233 MEDIUM

Denial of Service via HTTP/2 single packet attack on login endpoint

CVE-2026-20084 HIGH

Cisco Ios XE Software < 16.6.1 - Denial of Service

Previous Page 4 of 117 Next

Details

Vulnerabilities 2,909

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy