Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-674 (未经控制的递归) — Vulnerability Class 135

135 vulnerabilities classified as CWE-674 (未经控制的递归). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2018-25282 Nmap 7.70 Denial of Service via XML Entity Expansion — ZenMap 6.2 Medium2026-04-26
CVE-2026-42039 Axios: unbounded recursion in toFormData causes DoS via deeply nested request data — axios 7.5AIHighAI2026-04-24
CVE-2026-6862 Efivar: efivar: denial of service due to stack overflow in device path node parsing — Red Hat Enterprise Linux 10 5.5 Medium2026-04-22
CVE-2026-40879 Nest: DoS via Recursive handleData in JsonSocket (TCP Transport) — nest 7.5 High2026-04-21
CVE-2026-40324 Hot Chocolate's Utf8GraphQLParser has Stack Overflow via Deeply Nested GraphQL Documents — graphql-platform 9.1 Critical2026-04-17
CVE-2026-33947 jq: Unbounded Recursion in jv_setpath(), jv_getpath() and delpaths_sorted() — jq 6.2 Medium2026-04-13
CVE-2026-33908 ImageMagick is vulnerable to Stack Overflow in DestroyXMLTree() — ImageMagick 7.5 High2026-04-13
CVE-2026-33902 ImageMagick: Stack Overflow via Recursive FX Expression Parsing — ImageMagick 5.5 Medium2026-04-13
CVE-2026-39376 FastFeedParser has an infinite redirect loop DoS via meta-refresh chain — fastfeedparser 7.5 High2026-04-07
CVE-2026-34211 SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser — SandboxJS 7.5AIHighAI2026-04-06
CVE-2026-3778 Stack exhaustion caused by cyclic references in Foxit PDF Editor/Reader — Foxit PDF Editor 6.2 Medium2026-04-01
CVE-2026-34536 iccDEV: SO in SIccCalcOp::ArgsUsed() — iccDEV 6.2 Medium2026-03-31
CVE-2026-33532 yaml is vulnerable to Stack Overflow via deeply nested YAML collections — yaml 4.3 Medium2026-03-26
CVE-2026-4833 Orc discount Markdown markdown.c compile recursion — discount 3.3 Low2026-03-26
CVE-2026-33508 Parse Server: LiveQuery subscription query depth bypass — parse-server 7.5 -2026-03-24
CVE-2026-33498 Parse Server: Query condition depth bypass via pre-validation transform pipeline — parse-server 7.5 -2026-03-24
CVE-2026-33320 Dasel has unbounded YAML alias expansion in dasel leads to CPU/memory denial of service — dasel 6.2 Medium2026-03-24
CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads — cbor2 7.5 -2026-03-23
CVE-2026-32933 AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion — AutoMapper 7.5 High2026-03-20
CVE-2026-32944 Parse Server crash via deeply nested query condition operators — parse-server 7.5 -2026-03-18
CVE-2026-30922 pyasn1 Vulnerable to Denial of Service via Unbounded Recursion — pyasn1 7.5 High2026-03-18
CVE-2026-31899 CairoSVG vulnerable to Exponential DoS via recursive <use> element amplification — CairoSVG 7.5 High2026-03-13
CVE-2026-32141 flatted: Unbounded recursion DoS in parse() revive phase — flatted 7.5 High2026-03-12
CVE-2026-1069 Uncontrolled Recursion in GitLab — GitLab 7.5 High2026-03-11
CVE-2026-29076 cpp-httplib: Stack Overflow Denial of Service (DoS) via std::regex in multipart filename parsing — cpp-httplib 5.9 Medium2026-03-07
CVE-2026-25048 xgrammar: Multi-layer nesting causes DoS — xgrammar 7.5 -2026-03-05
CVE-2026-3520 Multer vulnerable to Denial of Service via uncontrolled recursion — multer 7.5 -2026-03-04
CVE-2026-3388 Squirrel sqcompiler.cpp UnaryOP recursion — Squirrel 3.3 Low2026-03-01
CVE-2026-3385 wren-lang wren wren_compiler.c resolveLocal recursion — wren 3.3 Low2026-03-01
CVE-2026-3384 ChaiScript chaiscript_eval.hpp Function_Push_Pop recursion — ChaiScript 3.3 Low2026-03-01

Vulnerabilities classified as CWE-674 (未经控制的递归) represent 135 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.