Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-400

CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,094 vulnerabilities with CWE-400

CVE-2026-39396 LOW

OpenBao has Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)

CVE-2026-39320 HIGH

Signal K Server <2.25.0 WebSocket Subscriptions - Regular Expression Denial of Service

CVE-2026-6060 MEDIUM

OTRS 7.0.x-8.0.x, 2023.x-2025.x, <2026.3.x - Denial of Service via SQL Box Resource Consumption

CVE-2026-6607 MEDIUM

lm-sys fastchat Worker API Endpoint api_generate resource consumption

CVE-2026-6601 MEDIUM

Lagom WHMCS Template Datatables resource consumption

CVE-2026-40347 MEDIUM

Python-Multipart affected by Denial of Service via large multipart preamble or epilogue data

CVE-2026-40481 HIGH

monetr: Unauthenticated Stripe webhook reads attacker-sized request bodies before signature validation

CVE-2026-40303 HIGH

zrok allows unauthenticated DoS via unbounded memory allocation in striped session cookie parsing

CVE-2026-40192 HIGH

Pillow is vulnerable to a FITS GZIP decompression bomb

CVE-2026-3505 HIGH

Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.

CVE-2026-35034 MEDIUM

Jellyfin: Potential Application DoS from excessively large SyncPlay group names

CVE-2026-27308 LOW

ColdFusion | Uncontrolled Resource Consumption (CWE-400)

CVE-2026-27307 LOW

ColdFusion | Uncontrolled Resource Consumption (CWE-400)

CVE-2026-33116 HIGH

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

CVE-2026-26171 HIGH

Microsoft .NET and PowerShell - Resource Consumption Denial of Service

CVE-2026-2405 MEDIUM

Schneider Electric PowerChute Serial Shutdown < 1.5 - Denial of Service via Excessive POST /helpabout Requests

CVE-2026-30998 HIGH

FFmpeg < 8.0.1 - Denial of Service via Crafted Input File in zmqsend.c

CVE-2026-39304 HIGH

Apache ActiveMQ TLSv1.3 KeyUpdate - Memory Exhaustion Denial of Service

CVE-2026-5986 MEDIUM

Zod jsVideoUrlParser util.js getTime redos

CVE-2026-23869 HIGH

React Server Components 19.0.0-19.0.4 19.1.0-19.1.5 19.2.0-19.2.4 - Denial of Service via Crafted HTTP Requests

CVE-2026-34166 LOW

LiquidJS <10.25.3 replace Filter - Memory Limit Bypass

CVE-2026-33459 MEDIUM

Uncontrolled Resource Consumption in Kibana Leading to Denial of Service

CVE-2026-39865 MEDIUM

Axios HTTP/2 Session Cleanup State Corruption Vulnerability

CVE-2026-35406 MEDIUM

Aardvark-dns has incorrect error handling for malformed tcp packets

CVE-2026-34045 HIGH

Podman Desktop WebView Server Exposed

Previous Page 9 of 124 Next

Details

Vulnerabilities 3,094

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy