Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,858 vulnerabilities with CWE-770

CVE-2026-26130 HIGH

Microsoft.AspNetCore.App.Runtime 8.0.0-8.0.24 - Unauthenticated Denial of Service

CVE-2026-30827 HIGH

express-rate-limit 8.0.0-8.0.1 - DoS

CVE-2026-29795 MEDIUM

stellar-xdr <25.0.1 - Memory Corruption

CVE-2026-26018 HIGH

CoreDNS < 1.14.2 - Denial of Service via Predictable PRNG in Loop Detection Plugin

CVE-2026-29062 HIGH

jackson-core 3.0.0-3.1.0 - Denial of Service via UTF8DataInputJsonParser and ReaderBasedJsonParser

CVE-2026-29612 MEDIUM

OpenClaw < 2026.2.14 - Denial of Service via Large Base64 Media File Decoding

CVE-2026-29609 HIGH

OpenClaw < 2026.2.14 - Denial of Service via Unbounded URL-Backed Media Fetch

CVE-2026-28478 HIGH

OpenClaw < 2026.2.13 - Unauthenticated Denial of Service via Webhook Request Body Buffering

CVE-2026-28452 MEDIUM

OpenClaw < 2026.2.14 - Denial of Service via Unguarded Archive Extraction

CVE-2026-28394 MEDIUM

OpenClaw < 2026.2.15 - Denial of Service via Unbounded Response Parsing in Web Fetch Tool

CVE-2026-28342 HIGH

olivetin < 3000.10.2 - Unauthenticated Denial of Service via PasswordHash Endpoint

CVE-2026-26998 MEDIUM

Traefik <2.11.38/3.6.9 - Memory Corruption

CVE-2026-20103 HIGH

Cisco ASA & FTD Unauthenticated DoS via Remote Access SSL VPN

CVE-2026-27932 HIGH

joserfc < 1.6.3 - Unauthenticated Denial of Service via PBES2 Count Parameter

CVE-2026-27601 MEDIUM

Underscore.js < 1.13.8 - Denial of Service via Recursive Data Structure in _.flatten and _.isEqual

CVE-2026-25673 HIGH

Django 6.0-6.0.2/5.2-5.2.11/4.2-4.2.28 - DoS

CVE-2026-27887 MEDIUM

Spin < 3.6.1, SpinKube < 0.6.2, containerd-shim-spin < 0.22.1 - Denial of Service via Unbounded Response Buffering

CVE-2026-27633 HIGH

TinyWeb < 2.02 - Unauthenticated Denial of Service via Large Content-Length Header

CVE-2026-27630 HIGH

TinyWeb < 2.02 - Unauthenticated Denial of Service via Slowloris Attack

CVE-2026-2845 MEDIUM

GitLab 11.2-18.7.4, 18.8-18.8.4, 18.9-18.9.0 - Authenticated Denial of Service via Bitbucket Server Import Endpoint

CVE-2026-1725 MEDIUM

GitLab 18.9 - Unauthenticated Denial of Service via CI Jobs API Endpoint

CVE-2026-1662 HIGH

GitLab 14.4-18.7.4, 18.8-18.8.4, 18.9-18.9.0 - Unauthenticated Denial of Service via Jira Events Endpoint

CVE-2026-3201 MEDIUM

Wireshark 4.6.0-4.6.3/4.4.0-4.4.13 - DoS

CVE-2026-27695 MEDIUM

zae-limiter < 0.10.1 - Denial of Service via DynamoDB Partition Key Collision

CVE-2026-27572 HIGH

Wasmtime <24.0.6/36.0.6/4.0.04/41.0.4/42.0.0 - DoS

Previous Page 11 of 75 Next

Details

Vulnerabilities 1,858

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy