Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,720 vulnerabilities with CWE-770

CVE-2026-40036 HIGH

Unfurl < 2026.04 - Denial of Service via Unbounded zlib Decompression

CVE-2026-39414 MEDIUM

MinIO affected a DoS via Unbounded Memory Allocation in S3 Select CSV Parsing

CVE-2026-35401 HIGH

Saleor has a resource exhaustion vulnerability in GraphQL queries

CVE-2026-33756 HIGH

Saleor Affected by Denial of Service via Unbounded GraphQL Query Batching

CVE-2026-32288 MEDIUM

Unbounded allocation for old GNU sparse in archive/tar

CVE-2026-32283 HIGH

Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls

CVE-2026-32280 HIGH

Unexpected work during chain building in crypto/x509

CVE-2026-29181 HIGH

OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)

CVE-2026-5762 MEDIUM

ReportIncident DiscussionTools integration causes slow requests

CVE-2026-35526 HIGH

Strawberry GraphQL affected by a Denial of Service via unbounded WebSocket subscriptions

CVE-2026-35480 MEDIUM

go-ipld-prime's DAG-CBOR decoder unbounded memory allocation from CBOR headers

CVE-2026-35457 HIGH

libp2p-rust has unbounded rendezvous DISCOVER cookies enable remote memory exhaustion

CVE-2026-35405 HIGH

libp2p-rendezvous: Unlimited namespace registrations per peer enables OOM DoS on rendezvous servers

CVE-2026-33034 HIGH

Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass

CVE-2026-20431 MEDIUM

Mediatek, Inc. MediaTek Chipset < MT6813 - Denial of Service

CVE-2026-35441 MEDIUM

Directus Affected by GraphQL Alias Amplification Denial-of-Service Due to Missing Query Cost/Complexity Limits

CVE-2026-34756 MEDIUM

vLLM Affected by Unauthenticated OOM Denial of Service via Unbounded `n` Parameter in OpenAI API Server

CVE-2026-34755 MEDIUM

vLLM Affected by Denial of Service via Unbounded Frame Count in video/jpeg Base64 Processing

CVE-2026-34148 HIGH

Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution

CVE-2026-34824 HIGH

Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service

CVE-2026-34052 MEDIUM

LTI JupyterHub Authenticator: Unbounded Memory Growth via Nonce Storage (Denial of Service)

CVE-2026-35562 HIGH

Allocation of resources without limits in parsing components in Amazon Athena ODBC driver

CVE-2026-25043 MEDIUM

Budibase: Unauthenticated Password Reset Endpoint Lacks Rate Limiting, Enabling Email Flooding

CVE-2026-26477 MEDIUM

Dokuwiki 2025-05-14b - DoS

CVE-2026-34827 HIGH

Rack: Algorithmic-Complexity DoS in Rack::Multipart::Parser

Previous Page 3 of 69 Next

Details

Vulnerabilities 1,720

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy