Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,858 vulnerabilities with CWE-770

CVE-2026-45352 MEDIUM

cpp-httplib DoS: Negative chunk-size in chunked Transfer-Encoding

CVE-2026-44697 HIGH

Klever-Go MultiDataInterceptor: remote OOM via crafted compressed P2P payload

CVE-2026-49324 MEDIUM

Indian Scout Bobber 2025 WCM brute-force

CVE-2026-45023 MEDIUM

AutoGP: Credit system bypassed via direct block execution in POST /api/blocks/{block_id}/execute

CVE-2026-45292 MEDIUM

opentelemetry-java: Unbounded Memory Allocation in W3C Baggage Propagation

CVE-2026-45078 MEDIUM

Synapse CPU starvation (Denial of Service)

CVE-2026-48735 MEDIUM

pypdf: Manipulated XMP metadata streams can exhaust RAM

CVE-2026-44247 MEDIUM

Volcano: Webhook server vulnerable to OOM due to unbounded HTTP request body size

CVE-2026-1402 MEDIUM

Allocation of Resources Without Limits or Throttling in GitLab

CVE-2026-6053 MEDIUM

IBM® Db2® is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables

CVE-2026-1718 HIGH

IBM® Db2® is vulnerable to a denial of service with a specially crafted query when running an AUTONOMOUS procedure

CVE-2026-47067 HIGH

Atom table exhaustion via unrecognized URL schemes in hackney

CVE-2026-42626 MEDIUM

HP ENVY 5000 VERBASPP1N003.2237A.00 - Unauthenticated Denial of Service via Persistent TCP Connection to Port 9100

CVE-2026-44070 LOW

Netatalk 2.0.0-4.4.2 and >=4.5.0 - Authenticated Denial of Service via Charset Conversion

CVE-2026-8488 MEDIUM

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation

CVE-2026-8486 MEDIUM

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation

CVE-2026-8469 HIGH

Unauthenticated denial-of-service via BEAM atom table exhaustion in phoenix_storybook

CVE-2026-9064 HIGH

Red Hat Directory Server - LDAP Controls Denial of Service

CVE-2026-41292 HIGH

Unbound <= 1.25.0 - Denial of Service via EDNS Option Parsing

CVE-2026-45557 MEDIUM

Technitium DNS Server excessive DNSSEC requests

CVE-2026-33232 HIGH

AutoGPT: Unauthenticated DoS via Disk Space Exhaustion

CVE-2026-2325 MEDIUM

Improper Input Validation in MS Teams Meetings API Handler

CVE-2026-44679 MEDIUM

Tuist: Forgot password flow lacks throttling for reset email delivery

CVE-2026-44216 HIGH

Wasmtime: Panic when allocating a table exceeding the size of the host's address space

CVE-2026-8468 HIGH

Unbounded buffer accumulation in multipart header parsing causes denial of service in plug

Previous Page 3 of 75 Next

Details

Vulnerabilities 1,858

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy