Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-400 (未加控制的资源消耗(资源穷尽)) — Vulnerability Class 1385

1385 vulnerabilities classified as CWE-400 (未加控制的资源消耗(资源穷尽)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-62854 File Station 5 — File Station 5 7.5AIHighAI2026-02-11
CVE-2026-25762 AdonisJS vulnerable to Denial of Service (DoS) via Unrestricted Memory Buffering in PartHandler during File Type Detection — core 7.5 High2026-02-06
CVE-2026-25579 Navidrome affected by Denial of Service and disk exhaustion via oversized `size` parameter in `/rest/getCoverArt` and `/share/img/<token>` endpoints — navidrome 6.5AIMediumAI2026-02-04
CVE-2026-25140 apko affected by potential unbounded resource consumption in expandapk.ExpandApk on attacker-controlled .apk streams — apko 7.5 High2026-02-04
CVE-2026-25122 apko is vulnerable to unbounded resource consumption in expandapk.Split on attacker-controlled .apk streams — apko 5.5 Medium2026-02-04
CVE-2026-22228 Improper Input Validation Leading to DoS on TP-Link Archer BE230 — Archer BE230 v1.2 4.4AIMediumAI2026-02-03
CVE-2026-0599 Unbounded External Image Fetch in Validation Leads to Resource-Exhaustion DoS in huggingface/text-generation-inference — huggingface/text-generation-inference 7.5AIHighAI2026-02-02
CVE-2025-7105 Denial of Service via JavaScript Memory Overflow in danny-avila/librechat — danny-avila/librechat 7.5AIHighAI2026-02-02
CVE-2025-6208 Uncontrolled Memory Consumption in run-llama/llama_index — run-llama/llama_index 7.5 -2026-02-02
CVE-2026-22259 Suricata dnp3: unbounded transaction growth — suricata 7.5 High2026-01-27
CVE-2026-22258 Suricata DCERPC: unbounded fragment buffering leads to memory exhaustion — suricata 7.5 High2026-01-27
CVE-2025-55102 Eclipse ThreadX NetX Duo 安全漏洞 — Eclipse ThreadX - NetX Duo 7.5AIHighAI2026-01-27
CVE-2026-24001 jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch — jsdiff 7.5AIHighAI2026-01-22
CVE-2026-20080 Cisco IEC6400 Edge Compute Appliance SSH Denial of Service Vulnerability — Cisco Ultra-Reliable Wireless Backhaul 5.3 Medium2026-01-21
CVE-2025-9283 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LT 7.5AIHighAI2026-01-20
CVE-2025-9282 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LT 7.5AIHighAI2026-01-20
CVE-2025-9281 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LT 7.5AIHighAI2026-01-20
CVE-2025-9280 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LT 7.5AIHighAI2026-01-20
CVE-2025-9279 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LT 7.5AIHighAI2026-01-20
CVE-2025-9278 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LT 6.5AIMediumAI2026-01-20
CVE-2025-9466 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LT 7.5AIHighAI2026-01-20
CVE-2025-9465 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LT 7.5AIHighAI2026-01-20
CVE-2025-9464 Rockwell Automation ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LT 7.5AIHighAI2026-01-20
CVE-2026-1174 birkir prime GraphQL Alias graphql resource consumption — prime 5.3 Medium2026-01-19
CVE-2026-21696 Endless reprocessing/reupload of activity log data due to SQLite max parameters limit not being considered — wings 7.1AIHighAI2026-01-19
CVE-2025-69199 Pterodactyl Wings's websocket endpoints have no visible rate limits or monitoring, allowing for DOS attacks under certain circumstances — panel 7.5AIHighAI2026-01-19
CVE-2025-69198 Pterodactyl's improper resource locking allows raced queries to create more resources than alloted — panel 6.5AIMediumAI2026-01-19
CVE-2026-23842 ChatterBot has Denial of Service via Database Connection Pool Exhaustion — ChatterBot 7.5 High2026-01-19
CVE-2025-15532 Open5GS Timer resource consumption — Open5GS 5.3 Medium2026-01-17
CVE-2026-0992 Libxml2: libxml2: denial of service via crafted xml catalogs — Red Hat Hardened Images 2.9 Low2026-01-15

Vulnerabilities classified as CWE-400 (未加控制的资源消耗(资源穷尽)) represent 1385 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.