Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,720 vulnerabilities with CWE-770

CVE-2026-39804 HIGH

WebSocket permessage-deflate inflate has no output-size cap in bandit

CVE-2026-42786 HIGH

WebSocket fragmented message reassembly unbounded in bandit

CVE-2026-42788 MEDIUM

HTTP/2 frame size limit checked after body is buffered in bandit

CVE-2026-43507 MEDIUM

Prosody < 0.12.6 - Denial of Service

CVE-2026-42198 HIGH

pgjdbc: Unbounded PBKDF2 iterations in SCRAM authentication allows CPU exhaustion DoS

CVE-2026-42420 MEDIUM

OpenClaw < 2026.4.8 - Improper Base64 Decoding Size Validation

CVE-2026-41408 MEDIUM

OpenClaw < 2026.3.31 - Disk Exhaustion via Media Download Bypass

CVE-2026-41400 MEDIUM

OpenClaw < 2026.3.31 - Resource Consumption via Oversized WebSocket Frames in voice-call

CVE-2026-41399 HIGH

OpenClaw < 2026.3.28 - Denial of Service via Unbounded Pre-auth WebSocket Upgrades

CVE-2026-32688 HIGH

Atom table exhaustion via HTTP/2 :scheme pseudo-header in plug_cowboy

CVE-2026-42036 MEDIUM

Axios: HTTP adapter streamed responses bypass maxContentLength

CVE-2026-42034 MEDIUM

Axios: HTTP adapter streamed uploads bypass maxBodyLength when maxRedirects: 0

CVE-2026-41324 HIGH

basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()

CVE-2026-41309 HIGH

Open Source Social Network (OSSN) Vulnerable to Resource Exhaustion via Malicious Image Processing

CVE-2026-41173 MEDIUM

Unbounded HTTP response body read in OpenTelemetry.Sampler.AWS

CVE-2026-41078 MEDIUM

OpenTelemetry dotnet: Potential memory exhaustion via unbounded pooled-list sizing in Jaeger exporter conversion path

CVE-2026-34062 MEDIUM

Nimiq has Allocation of Resources Without Limits or Throttling in its libp2p request/response

CVE-2026-1660 MEDIUM

Allocation of Resources Without Limits or Throttling in GitLab

CVE-2026-33595 MEDIUM

DoQ/DoH3 excessive memory allocation

CVE-2026-33594 MEDIUM

Outgoing DoH excessive memory allocation

CVE-2026-33254 MEDIUM

Resource exhaustion via DoQ/DoH3 connections

CVE-2026-33260 MEDIUM

Insufficient input validation of internal webserver

CVE-2026-33258 MEDIUM

Crafted zones can cause increased resource usage

CVE-2026-33257 MEDIUM

Insufficient input validation of internal webserver

CVE-2026-33256 MEDIUM

Unbounded memory allocation by internal web server

Page 1 of 69 Next

Details

Vulnerabilities 1,720

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy