Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-674

CWE-674

Uncontrolled Recursion

Parent: CWE-834 - Excessive Iteration

The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

430 vulnerabilities with CWE-674

CVE-2026-32141 HIGH

flatted < 3.4.0 - Denial of Service via Uncontrolled Recursion in parse() Function

CVE-2026-1069 HIGH

GitLab 18.9.0-18.9.1 - Unauthenticated Denial of Service via GraphQL Request

CVE-2026-30980 MEDIUM

iccdev < 2.3.1.5 - Denial of Service via Stack Overflow in CIccBasicStructFactory::CreateStruct()

CVE-2026-29076 MEDIUM

cpp-httplib < 0.37.0 - Denial of Service via RFC 5987 Filename Regex Backtracking

CVE-2026-25048 HIGH

xgrammar <0.1.32 - Memory Corruption

CVE-2026-3520 HIGH

Multer < 2.1.1 - Denial of Service via Malformed Request

CVE-2026-3388 LOW

Squirrel up to 3.2 - Memory Corruption

CVE-2026-3385 LOW

wren-lang wren <=0.4.0 - Memory Corruption

CVE-2026-3384 LOW

ChaiScript < 6.1.0 - Uncontrolled Recursion in AST_Node_Impl Eval Function

CVE-2026-25971 MEDIUM

ImageMagick <7.1.2-15/6.9.13-40 - Memory Corruption

CVE-2026-2887 LOW

aardappel lobster <2025.4 - Memory Corruption

CVE-2026-27014 MEDIUM

NanaZip 5.0.1252.0-6.0.1630.0 - DoS

CVE-2026-2641 LOW

universal-ctags ctags <= 6.2.1 - Uncontrolled Recursion in V Language Parser

CVE-2026-1849 MEDIUM

MongoDB 7.0.0-7.0.28 - Denial of Service via Deeply Nested Document Evaluation

CVE-2026-23066 HIGH

Linux Kernel 4.11.0-6.18.8 - Use-After-Free in rxrpc_recvmsg() Requeue Logic

CVE-2026-22260 HIGH

Suricata 8.0.0-8.0.3 - Denial of Service via Stack Overflow

CVE-2026-24401 MEDIUM

avahi < 0.9 - Denial of Service via Recursive CNAME Record

CVE-2026-0994 HIGH

Protobuf - Denial of Service via Recursion Depth Bypass in Any Message Parsing

CVE-2026-0990 MEDIUM

Red Hat Enterprise Linux 6-10 - Denial of Service via XML Catalog Delegate URI Recursion

CVE-2026-0989 LOW

Red Hat Enterprise Linux - Denial of Service via RelaxNG Parser Recursion

CVE-2026-21500 MEDIUM

iccdev < 2.3.1.2 - Stack Overflow in XML Calculator Macro Expansion

CVE-2025-7010 MEDIUM

Avast antivirus stack overflow when scanning a malformed PDF file

CVE-2025-7005 MEDIUM

Avast antivirus infinite recursion when scanning a malformed PE file

CVE-2025-65519 MEDIUM

mayswind ezbookkeeping <=1.2.0 - DoS

CVE-2025-70957 HIGH

TON Lite Server < 2024.09 - Denial of Service via Malicious Continuation Object Injection

Previous Page 4 of 18 Next

Details

Vulnerabilities 430

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy