Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-674

CWE-674

Uncontrolled Recursion

Parent: CWE-834 - Excessive Iteration

The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

386 vulnerabilities with CWE-674

pf can overflow the stack parsing crafted SCTP packets

CVE-2026-6527 MEDIUM

Uncontrolled Recursion in Wireshark

CVE-2026-5409 MEDIUM

Uncontrolled Recursion in Wireshark

CVE-2026-5408 MEDIUM

Uncontrolled Recursion in Wireshark

CVE-2026-5406 MEDIUM

Uncontrolled Recursion in Wireshark

CVE-2026-5401 MEDIUM

Uncontrolled Recursion in Wireshark

CVE-2026-5299 MEDIUM

Uncontrolled Recursion in Wireshark

CVE-2026-41636 HIGH

Apache Thrift: Node.js skip() recursion

CVE-2026-41606 MEDIUM

Apache Thrift: c_glib dispatch stack overflow

CVE-2026-42039 HIGH

Axios: unbounded recursion in toFormData causes DoS via deeply nested request data

CVE-2026-41680 HIGH

Marked: OOM Denial of Service via Infinite Recursion in marked Tokenizer

CVE-2026-6862 MEDIUM

Efivar: efivar: denial of service due to stack overflow in device path node parsing

CVE-2026-40879 HIGH

Nest: DoS via Recursive handleData in JsonSocket (TCP Transport)

CVE-2026-39396 LOW

OpenBao has Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)

CVE-2026-40324 CRITICAL

Hot Chocolate's Utf8GraphQLParser has Stack Overflow via Deeply Nested GraphQL Documents

CVE-2026-33947 MEDIUM

jq: Unbounded Recursion in jv_setpath(), jv_getpath() and delpaths_sorted()

CVE-2026-33908 HIGH

ImageMagick is vulnerable to Stack Overflow in DestroyXMLTree()

CVE-2026-33902 MEDIUM

ImageMagick: Stack Overflow via Recursive FX Expression Parsing

CVE-2026-39376 HIGH

FastFeedParser has an infinite redirect loop DoS via meta-refresh chain

CVE-2026-34211 HIGH

SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser

CVE-2026-3778 MEDIUM

Stack exhaustion caused by cyclic references in Foxit PDF Editor/Reader

CVE-2026-34536 MEDIUM

iccDEV: SO in SIccCalcOp::ArgsUsed()

CVE-2026-33532 MEDIUM

yaml is vulnerable to Stack Overflow via deeply nested YAML collections

CVE-2026-4833 LOW

Orc discount Markdown markdown.c compile recursion

CVE-2026-33508 HIGH

Parse Server: LiveQuery subscription query depth bypass

Page 1 of 16 Next

Details

Vulnerabilities 386

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy