Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,858 vulnerabilities with CWE-770

CVE-2026-27204 MEDIUM

Wasmtime <24.0.6/36.0.6/40.0.4/41.0.4/42.0.0 - DoS

CVE-2026-25899 HIGH

GoFiber v3 <3.1.0 - Deserialization

CVE-2026-27571 MEDIUM

NATS-Server < 2.11.2 and 2.12.3 - Unauthenticated Denial of Service via WebSocket Compression Bomb

CVE-2026-25985 HIGH

ImageMagick <7.1.2-15/<6.9.13-40 - DoS

CVE-2026-27729 MEDIUM

@astrojs/node 9.0.0-9.5.3 - Unauthenticated Denial of Service via Oversized Server Action Request

CVE-2026-26047 MEDIUM

Moodle 4.5.0-4.5.8 and 5.1.0-beta-5.1.1 - Authenticated Denial of Service via TeX Formula Rendering

CVE-2026-27026 MEDIUM

pypdf < 6.7.1 - Denial of Service via Malformed FlateDecode Stream

CVE-2026-26313 HIGH

go-ethereum < 1.17.0 - Denial of Service via Crafted P2P Message

CVE-2026-26312 MEDIUM

Stalwart Mail Server 0.13.0-0.15.4 - DoS

CVE-2026-25535 HIGH

jsPDF < 4.2.0 - Denial of Service via GIF Image Header Parsing

CVE-2026-26076 HIGH

ntpd-rs < 1.7.1 - Denial of Service via Malformed NTS Packets

CVE-2026-21434 MEDIUM

webtransport-go 0.3.0-0.9.0 - Denial of Service via Oversized WT_CLOSE_SESSION Capsule

CVE-2026-20608 MEDIUM

Safari < 26.3 - Denial of Service via Malicious Web Content

CVE-2026-1837 HIGH

libjxl 0.9-0.11.0 - Memory Corruption via LCMS2 Color Transformation

CVE-2026-1458 MEDIUM

GitLab 8.0-18.6.5, 18.7-18.7.3, 18.8-18.8.3 - Unauthenticated Denial of Service via Malicious File Upload

CVE-2026-1456 MEDIUM

GitLab 18.7-18.7.3 and 18.8-18.8.3 - Unauthenticated Denial of Service via Markdown Preview CPU Exhaustion

CVE-2026-1387 MEDIUM

GitLab 15.6-18.6.6, 18.7-18.7.4, 18.8-18.8.4 - Authenticated Denial of Service via GraphQL File Query

CVE-2026-1850 MEDIUM

MongoDB 8.0.0 through 8.0.18 - Out-Of-Memory Crash via Query Planner

CVE-2026-1848 HIGH

MongoDB 7.0.0-7.0.28 - Denial of Service via Proxy Port Connection Miscount

CVE-2026-1847 MEDIUM

MongoDB 7.0.0-7.0.28 - Denial of Service via Large Document Oplog Replication

CVE-2026-23689 HIGH

SAP Supply Chain Management and Advanced Planning and Optimization - Denial of Service via Resource Consumption

CVE-2026-0398 MEDIUM

PowerDNS Recursor 5.1.0-5.1.9, 5.2.0-5.2.7, 5.3.0-5.3.4 - Resource Exhaustion and Cache Poisoning

CVE-2026-25804 CRITICAL

antrea < 2.3.2 - Incorrect Traffic Enforcement via OpenFlow Priority Calculation Overflow

CVE-2026-25762 HIGH

AdonisJS bodyparser < 10.1.3 - Denial of Service via Multipart File Handling

CVE-2026-25579 MEDIUM

Navidrome < 0.60.0 - Authenticated Denial of Service via Large Cover Art Size Parameter

Previous Page 12 of 75 Next

Details

Vulnerabilities 1,858

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy