Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,858 vulnerabilities with CWE-770

CVE-2026-29772 MEDIUM

Astro: Memory exhaustion DoS due to missing request body size limit in Server Islands

CVE-2026-3260 MEDIUM

Undertow: undertow: denial of service due to premature multipart/form-data parsing in get requests

CVE-2026-33241 HIGH

Salvo < 0.89.3 - Denial of Service via Unbounded Form Data Parsing

CVE-2026-33176 HIGH

ActiveSupport < 8.1.2.1, < 8.0.4.1, < 7.2.3.1 - Denial of Service via BigDecimal Scientific Notation Expansion

CVE-2026-33483 HIGH

AVideo Affected by Unauthenticated Disk Space Exhaustion via Unlimited Temp File Creation in aVideoEncoderChunk.json.php

CVE-2026-32049 HIGH

OpenClaw < 2026.2.22 - Denial of Service via Inbound Media Download Byte Limit Bypass

CVE-2026-33155 HIGH

DeepDiff has Memory Exhaustion DoS through SAFE_TO_IMPORT

CVE-2026-33012 HIGH

Micronaut Framework vulnerable to a Denial of Service in HTML error response caching

CVE-2026-32941 MEDIUM

Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports

CVE-2026-32011 HIGH

OpenClaw < 2026.3.2 - Slow-Request Denial of Service via Pre-Auth Webhook Body Parsing

CVE-2026-28461 HIGH

OpenClaw < 2026.3.1 - Unbounded Memory Growth in Zalo Webhook via Query String Key Churn

CVE-2026-29112 HIGH

@dicebear/converter vulnerable to ncontrolled memory allocation via crafted SVG dimensions

CVE-2026-27979 HIGH

Next.js 16.0.1-16.1.6 - Postponed Resume Buffering Denial of Service

CVE-2026-1376 HIGH

IBM i 7.6 - Denial of Service via Failed Authentication Connections

CVE-2026-24458 HIGH

DoS attack via login attempts with multi-megabyte passwords

CVE-2026-30961 MEDIUM

Gokapi < 2.2.4 - Unauthenticated Resource Exhaustion via Chunked Upload Bypass

CVE-2026-22182 HIGH

wpDiscuz < 7.6.47 - Unauthenticated Denial of Service via Notification Email Flood

CVE-2026-2581 MEDIUM

Undici 6.24.0-7.23.9 - Denial of Service via Deduplication Interceptor Memory Accumulation

CVE-2026-31890 MEDIUM

inspektor-gadget < 0.50.1 - Denial of Service via Ring-Buffer Overflow

CVE-2026-31961 MEDIUM

anchore/quill < 0.7.1 - Denial of Service via Mach-O Binary Parsing

CVE-2026-31960 MEDIUM

anchore/quill < 0.7.1 - Denial of Service via Unbounded HTTP Response Body Read

CVE-2026-31866 HIGH

flagd < 0.14.2 - Unauthenticated Denial of Service via Large Evaluation Context Payload

CVE-2026-32062 HIGH

OpenClaw 2026.2.21-2-2026.2.22 & @openclaw/voice-call 2026.2.21-2026.2.22 - DoS via Media-Stream WebSocket

CVE-2026-31826 MEDIUM

pypdf < 6.8.0 - Denial of Service via Large /Length Value in Content Stream

CVE-2026-30946 HIGH

Parse Server <9.5.2-alpha.2/8.6.15 - DoS

Previous Page 10 of 75 Next

Details

Vulnerabilities 1,858

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy