CWE-770
High likelihoodAllocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
1,858 vulnerabilities with CWE-770
CVE-2026-25140
HIGH
apko 0.14.8-1.1.1 - Denial of Service via Unbounded APK Decompression
CVSS 7.5
CVE-2026-25122
MEDIUM
apko 0.14.8-1.0.9 - Resource Exhaustion via Unbounded Gzip Stream Inflation
CVSS 5.5
CVE-2026-24514
MEDIUM
ingress-nginx < 1.13.7 and < 1.14.3 - Denial of Service via Validating Admission Controller
CVSS 6.5
CVE-2026-25224
LOW
fastify < 5.7.3 - Denial of Service via Web Streams Response Handling
CVSS 3.7
CVE-2026-24133
MEDIUM
jsPDF < 4.1.0 - Denial of Service via BMP Image Header Processing
CVSS 6.5
CVE-2026-22780
MEDIUM
rizin < 0.8.2 - Heap Overflow via Malicious Mach0 File Parsing
CVSS 4.4
CVE-2026-20406
MEDIUM
Modem - Use After Free
CVSS 6.5
CVE-2026-24738
MEDIUM
gmrtd < 0.17.2 - Uncontrolled Resource Consumption via ReadFile TLV Length Handling
CVSS 6.5
CVE-2026-23881
HIGH
Kyverno < 1.15.3 - Denial of Service via Policy Engine Context Variable Amplification
CVSS 7.7
CVE-2026-22259
HIGH
Suricata < 7.0.14 - Denial of Service via DNP3 Traffic Parsing
CVSS 7.5
CVE-2026-22258
HIGH
Suricata < 7.0.14 - Denial of Service via DCERPC Traffic Buffer Expansion
CVSS 7.5
CVE-2026-1224
MEDIUM
Tanium Discover 4.10.0-4.10.133 - Uncontrolled Resource Consumption
CVSS 4.9
CVE-2026-1102
MEDIUM
GitLab 12.3-18.6.3, 18.7-18.7.1, 18.8-18.8.1 - DoS via Malformed SSH Auth
CVSS 5.3
CVE-2026-24006
HIGH
seroval < 1.4.1 - Denial of Service via Deep Object Serialization
CVSS 7.5
CVE-2026-23963
MEDIUM
Mastodon <4.5.5-4.3.18 - Info Disclosure
CVSS 4.3
CVE-2026-23962
HIGH
Mastodon <4.3.18, <4.4.12, <4.5.5 - DoS
CVSS 7.5
CVE-2026-23957
HIGH
seroval < 1.4.1 - Denial of Service via Array Length Manipulation
CVSS 7.5
CVE-2026-21696
MEDIUM
Pterodactyl Wings 1.7.0-1.11.9 - Uncontrolled Resource Consumption via Activity Log Processing
CVSS 6.5
CVE-2026-23490
HIGH
pyasn1 < 0.6.2 - Denial of Service via Malformed RELATIVE-OID
CVSS 7.5
CVE-2026-22045
MEDIUM
Traefik < 2.11.35 and 3.0-3.6.7 - Denial of Service via ACME TLS-ALPN Challenge
CVSS 5.9
CVE-2026-22803
HIGH
SvelteKit 2.49.0-2.49.4 - Denial of Service via Form Remote Function Memory Exhaustion
CVSS 7.5
CVE-2026-0897
HIGH
Keras 3.0.0-3.13.0 - Denial of Service via HDF5 Weight Loading
CVSS 7.5
CVE-2026-22917
MEDIUM
SICK TDC-X401GL Firmware < 1.5.0 - Denial of Service via Improper Input Handling
CVSS 4.3
CVE-2026-22036
MEDIUM
Undici < 6.23.0 and 7.0.0-7.17.2 - Denial of Service via Decompression Chain Exhaustion
CVSS 5.9
CVE-2026-0543
MEDIUM
Kibana 7.0.0-7.17.29 - Authenticated Denial of Service via Email Connector Address Parameter
CVSS 6.5
Details
Vulnerabilities
1,858
Exploit Likelihood
High