Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,858 vulnerabilities with CWE-770

CVE-2026-8280 MEDIUM

Allocation of Resources Without Limits or Throttling in GitLab

CVE-2026-1659 HIGH

Allocation of Resources Without Limits or Throttling in GitLab

CVE-2026-42561 HIGH

Python-Multipart: Denial of Service via unbounded multipart part headers

CVE-2026-28383 MEDIUM

Grafana plugin resources can lead to unbounded memory allocation

CVE-2026-28376 MEDIUM

Grafana Live push endpoint allows unbounded memory allocation leading to OOM

CVE-2026-8466 HIGH

Unbounded buffer accumulation in multipart header parsing causes denial of service in cowboy

CVE-2026-42583 HIGH

Netty: Lz4FrameDecoder resource exhaustion

CVE-2026-42582 HIGH

Netty: HTTP/3 QPACK literal unbounded allocation

CVE-2026-44579 HIGH

Next.js: Denial of Service via connection exhaustion in applications using Cache Components

CVE-2026-44004 HIGH

vm2: Host Process OOM DoS via Buffer.alloc (Timeout Bypass)

CVE-2026-44577 MEDIUM

Next.js: Denial of Service in the Image Optimization API

CVE-2026-41227 HIGH

BIG-IP HTTP/2 Layer 7 Dos Protection vulnerability

CVE-2026-40629 HIGH

F5 BIG-IP SSL/TLS - Virtual Server Denial of Service

CVE-2026-40423 HIGH

F5 BIG-IP SIP Profile - TMM Denial of Service

CVE-2026-39803 HIGH

HTTP/1 chunked body reader ignores length cap in bandit

CVE-2026-44931 MEDIUM

malcontent: Disk Space Exhaustion via Globally Accessible D-Bus API

CVE-2026-8202 MEDIUM

Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators

CVE-2026-40902 HIGH

PhpSpreadsheet: CPU Denial of Service via Unbounded Row Number in XLSX Row Dimensions

CVE-2026-40863 HIGH

PhpSpreadsheet: CPU Denial of Service via Unbounded Row Index in SpreadsheetML XML Reader

CVE-2026-44240 HIGH

basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multiline control response buffering

CVE-2026-44219 LOW

ciguard: SCA HTTP client reads response body without size cap

CVE-2026-42444 LOW

NanaZip: Unbounded resource consumption in NanaZip littlefs parser via attacker-controlled BlockCount

CVE-2026-23826 HIGH

HPE Aruba AOS-8 Network Management Service - Unauthenticated Denial of Service

CVE-2026-41284 HIGH

Apache Tomcat: Unbounded read in WebDAV LOCK and PROPFIND handling

CVE-2026-22925 HIGH

Siemens Simatic CN 4100 < V5.0 - Allocation of Resources Without Limits or Throttling

Previous Page 4 of 75 Next

Details

Vulnerabilities 1,858

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy