Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,858 vulnerabilities with CWE-770

CVE-2026-42256 MEDIUM

net-imap: Denial of service via high iteration count for `SCRAM-*` authentication

CVE-2026-42294 HIGH

Argo Workflows: Unauthenticated Memory Exhaustion (DoS) in Webhook Interceptor

CVE-2026-42189 HIGH

Russh: Pre-auth DoS via unbounded allocation in keyboard-interactive auth

CVE-2026-44499 HIGH

ZEBRA: Permanent Block Discovery Halt via Gossip Queue Saturation and Syncer Poisoning

CVE-2026-42793 HIGH

Atom table exhaustion via attacker-controlled GraphQL SDL names in absinthe

CVE-2026-44500 MEDIUM

ZEBRA: Allocation Amplification in Inbound Network Deserializers

CVE-2026-8124 LOW

GPAC box_code_base.c sidx_box_read allocation of resources

CVE-2026-7541 HIGH

GitHub Enterprise Server API - Unauthenticated Denial of Service

CVE-2026-39820 HIGH

Quadratic string concatentation in consumeComment in net/mail

CVE-2026-41685 MEDIUM

Incus: Unbounded binary import disk exhaustion

CVE-2026-41648 MEDIUM

Incus: Unbounded YAML Metadata Decode via Parsing

CVE-2026-41644 HIGH

monetr is vulnerable to server-side request forgery in Lunch Flow link creation and refresh

CVE-2026-41484 MEDIUM

OpenTelemetry.Exporter.OneCollector vulnerable to denial of service via unbounded HTTP error response body

CVE-2026-41483 MEDIUM

Unbounded HTTP response body read in OpenTelemetry.Resources.Azure

CVE-2026-41310 MEDIUM

OpenTelemetry .NET Zipkin exporter has unbounded remote endpoint cache leading to memory growth

CVE-2026-6860 MEDIUM

Eclipse Vert.x 4.3.4-4.5.25, 5.0.0-5.0.10 - Improper Certificate Validation

CVE-2026-32934 HIGH

CoreDNS DNS-over-QUIC unbounded goroutine growth leads to denial of service

CVE-2026-32689 HIGH

Long-poll NDJSON body splitting causes unbounded memory allocation in Phoenix

CVE-2026-29168 HIGH

Apache HTTP Server: mod_md unrestricted OCSP response

CVE-2026-42437 HIGH

OpenClaw 2026.4.9 < 2026.4.10 - Denial of Service via Oversized WebSocket Frames in Voice-call Realtime Path

CVE-2026-7776 HIGH

Boundary Workers Vulnerable to Denial of Service During TLS Handshake

CVE-2026-7768 HIGH

@fastify/accepts-serializer vulnerable to Denial of Service via Unbounded Accept Header Cache Growth

CVE-2026-42236 HIGH

n8n: Unauthenticated Denial of Service via MCP Client Registration

CVE-2026-6948 MEDIUM

Unbounded Memory Allocation in VQLResponse Result-Set Writer

CVE-2026-42788 MEDIUM

HTTP/2 frame size limit checked after body is buffered in bandit

Previous Page 5 of 75 Next

Details

Vulnerabilities 1,858

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy