Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-400

CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,094 vulnerabilities with CWE-400

CVE-2026-42001 HIGH

PowerDNS Authoritative 4.9.0-4.9.14 and 5.0.0-5.0.4 - Denial of Service via Autoprimary SOA Query Validation

CVE-2026-9137 HIGH

CSP Report Endpoint Log Flooding via Incorrect Size Limit

CVE-2026-45498 MEDIUM KEV

Microsoft Defender Denial of Service Vulnerability

CVE-2026-24215 MEDIUM

NVIDIA Triton Inference Server < 26.03 - Uncontrolled Resource Consumption in DALI Backend

CVE-2026-8968 HIGH

Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

CVE-2026-33232 HIGH

AutoGPT: Unauthenticated DoS via Disk Space Exhaustion

CVE-2026-8769 MEDIUM

vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption

CVE-2026-38728 HIGH

Nodemailer smtp_server <3.18.3 - DoS

CVE-2026-42304 HIGH

Twisted: Denial of Service (DoS) in twisted.names via Crafted DNS Compression Pointer Chains

CVE-2026-33378 MEDIUM

Grafana Data Source Plugin: DoS (OOM) via Negative Interval Injection in $__timeGroup Macro

CVE-2026-44248 MEDIUM

Netty: Resource exhaustion in MqttDecoder

CVE-2026-42587 HIGH

Netty < 4.1.133.Final/4.2.13.Final HttpContentDecompressor - Decompression Bomb Denial of Service

CVE-2026-42583 HIGH

Netty: Lz4FrameDecoder resource exhaustion

CVE-2026-42579 HIGH

Netty: DNS Codec Input Validation Bypass in Netty (Encoder + Decoder)

CVE-2026-44456 MEDIUM

Hono: bodyLimit() can be bypassed for chunked / unknown-length requests

CVE-2026-44296 HIGH

Deskflow: TLS multiplexer DoS on failed `SSL_accept`

CVE-2026-44242 LOW

Micronaut Framework: Unbounded bundleCache in ResourceBundleMessageSource Allows Memory Exhaustion via Accept-Language Header

CVE-2026-44241 HIGH

Micronaut Framework: Unbounded formattersCache in TimeConverterRegistrar Allows Memory Exhaustion via Accept-Language Header

CVE-2026-42544 HIGH

Granian: Unauthenticated DoS via WebSocket subprotocol header panic

CVE-2026-44240 HIGH

basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multiline control response buffering

CVE-2026-34678 MEDIUM

CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

CVE-2026-34677 MEDIUM

CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

CVE-2026-34673 MEDIUM

CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

CVE-2026-34665 HIGH

CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

CVE-2026-34651 HIGH

Adobe Commerce | Uncontrolled Resource Consumption (CWE-400)

Previous Page 5 of 124 Next

Details

Vulnerabilities 3,094

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy