Skip to main content

Denial of Service

other MEDIUM

Denial of Service attacks render applications or systems unavailable by overwhelming resources or triggering failure conditions.

How It Works

Denial of Service attacks render applications or systems unavailable by overwhelming resources or triggering failure conditions. Attackers exploit asymmetry: minimal attacker effort produces disproportionate resource consumption on the target. Application-level attacks use specially crafted inputs that trigger expensive operations—a regex engine processing malicious patterns can backtrack exponentially, or XML parsers recursively expand entities until memory exhausts. Network-level attacks flood targets with connection requests or amplify traffic through reflection, but application vulnerabilities often provide the most efficient attack surface.

The attack typically begins with reconnaissance to identify resource-intensive operations or unprotected endpoints. For algorithmic complexity attacks, adversaries craft inputs hitting worst-case performance—hash collision inputs filling hash tables with collisions, deeply nested JSON triggering recursive parsing, or pathological regex patterns like (a+)+b against strings of repeated 'a' characters. Resource exhaustion attacks open thousands of connections, upload massive files to unbounded storage, or trigger memory leaks through repeated operations. Crash-based attacks target error handling gaps: null pointer dereferences, unhandled exceptions in parsers, or assertion failures that terminate processes.

Impact

  • Service unavailability preventing legitimate users from accessing applications during attack duration
  • Revenue loss from downtime in e-commerce, SaaS platforms, or transaction processing systems
  • Cascading failures as resource exhaustion spreads to dependent services or database connections pool out
  • SLA violations triggering financial penalties and damaging customer trust
  • Security team distraction providing cover for data exfiltration or intrusion attempts running concurrently

Real-World Examples

CVE-2018-1000544 in Ruby's WEBrick server allowed ReDoS through malicious HTTP headers containing specially crafted patterns that caused the regex engine to backtrack exponentially, freezing request processing threads. A single attacker could saturate all available workers.

Cloudflare experienced a global outage in 2019 when a single WAF rule containing an unoptimized regex hit pathological cases on legitimate traffic spikes. The .*(?:.*=.*)* pattern exhibited catastrophic backtracking, consuming CPU cycles across their edge network until the rule was disabled.

CVE-2013-1664 demonstrated XML bomb vulnerabilities in Python's XML libraries. Attackers uploaded XML documents with nested entity definitions-each entity expanding to ten copies of the previous level. A 1KB upload could expand to gigabytes in memory during parsing, crashing applications instantly.

Mitigation

  • Strict input validation enforcing size limits, complexity bounds, and nesting depth restrictions before processing
  • Request rate limiting per IP address, API key, or user session with exponential backoff
  • Timeout enforcement terminating operations exceeding reasonable execution windows (typically 1-5 seconds)
  • Resource quotas limiting memory allocation, CPU time, and connection counts per request or tenant
  • Regex complexity analysis using linear-time algorithms or sanitizing patterns to eliminate backtracking
  • Circuit breakers automatically rejecting requests when error rates or latency thresholds indicate degradation
  • Load balancing and autoscaling distributing traffic across instances with automatic capacity expansion

Recent CVEs (36508)

EPSS 0% CVSS 7.1
HIGH PATCH This Week

Denial of service in MongoDB Server 7.0, 8.0, and 8.2 allows authenticated remote attackers to crash the database by inserting documents that trigger updates to a maliciously created '2dsphere_bucket' or 'queryable_encrypted_range' index on a non-timeseries bucket collection. The flaw stems from a reachable assertion (CWE-617) and is reported by MongoDB itself with a vendor patch available; no public exploit identified at time of analysis.

Denial Of Service Mongodb Server
NVD
EPSS 0% CVSS 9.9
CRITICAL PATCH Act Now

Broken access control in Arcane's GitOps backend (versions <= 1.18.1) allows any authenticated low-privilege user to exfiltrate plaintext Git credentials (PATs/SSH keys) stored for source-of-truth repositories. Eight of nine /api/customize/git-repositories endpoints omit the checkAdmin() gate, letting a 'user' role attacker repoint a repository URL to an attacker-controlled host and trigger a /test or /branches call that transmits the decrypted token via HTTP Basic auth. No public exploit identified at time of analysis, but the GHSA advisory documents a complete attack chain and a patched release (1.19.0) is available.

Authentication Bypass Gitlab Privilege Escalation +2
NVD GitHub
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Prototype pollution in the npm package form-data-objectizer (<= 1.0.0) lets unauthenticated remote attackers mutate Object.prototype by submitting a single HTTP form field whose name uses bracket notation such as __proto__[polluted] or constructor[prototype][polluted]. The defect lives in treatInitial/treatSecond inside index.cjs, where an 'in' check walks the prototype chain and lets the parser write to inherited properties. CVSS is 8.2 (High) with Integrity:High; publicly available exploit code exists (working PoC published in the GHSA advisory), but there is no public exploit identified as being used in attacks and no CISA KEV listing.

Prototype Pollution Node.js Denial Of Service
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in GnuTLS affects the Datagram Transport Layer Security (DTLS) packet reordering logic, where the comparator function fails to correctly handle packets with duplicate sequence numbers. Remote unauthenticated attackers can send specially crafted DTLS packet sequences to trigger unstable ordering or undefined behavior, causing service disruption. No public exploit identified at time of analysis, and the issue is rated CVSS 7.5 (High) for availability impact only.

Denial Of Service Gnutls Hardened Images +12
NVD VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Denial of service in M-Files Server versions prior to 26.5.16015.0, 26.2 LTS, and 25.8 LTS SR3 allows an authenticated remote attacker to crash the MFserver process, disrupting document management services for all connected users. The flaw is reachable over the network with low privileges and no user interaction, but has no impact on confidentiality or integrity. No public exploit identified at time of analysis, and the issue is not present in CISA KEV.

Denial Of Service M Files Server
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Mattermost Desktop App can be repeatedly crashed by malicious server administrators through JavaScript URL injection in pop-up windows. Attackers controlling a Mattermost server can force connected desktop clients to become unusable by exploiting improper URL validation, requiring user interaction (connecting to the malicious server). No public exploit code identified at time of analysis, though the attack method is trivial to implement given the disclosed details.

Mattermost Denial Of Service
NVD VulDB
EPSS 0% CVSS 3.5
LOW Monitor

Mattermost Desktop App can be crashed remotely by malicious server administrators or plugin developers exploiting insufficient isolation of server-rendered content. Authenticated attackers with low-privilege server access who can control rendered content (via compromised server, malicious plugin, or modified server responses) can invoke window.close() to terminate the desktop client, causing a client-side denial of service. EPSS data not available; no public exploit code identified at time of analysis. CVSS 3.5 (Low severity) reflects limited impact scope - disruption to individual user sessions rather than system-wide compromise.

Mattermost Denial Of Service
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Memory exhaustion denial of service in Mattermost Server versions 11.5.x through 11.5.1, 10.11.x through 10.11.13, and 11.4.x through 11.4.3 allows authenticated attackers to crash the server by uploading maliciously crafted 7zip archives containing excessive folder declarations. The vulnerability stems from insufficient validation of 7zip archive structure before decompression, enabling resource exhaustion attacks with low attack complexity. EPSS data not available, not listed in CISA KEV, indicating no confirmed widespread exploitation at time of analysis.

Mattermost Denial Of Service
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Resource exhaustion in Mattermost Server 10.11.x through 11.5.1 allows authenticated users to trigger denial of service by sending oversized HTTP POST requests to the /api/v1/meetings endpoint. The vulnerability affects three active release branches with no request size validation on the meeting start API. EPSS data not available; no confirmed active exploitation (not in CISA KEV); authentication requirement (PR:L) reduces immediate exposure to internal or compromised users. Vendor advisory MMSA-2026-00608 confirms the issue.

Mattermost Denial Of Service
NVD
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Null pointer dereference in OMEC Project AMF (Access and Mobility Management Function) versions up to 2.1.3-dev allows authenticated remote attackers to trigger denial of service via crafted NGAP UERadioCapabilityCheckResponse messages. The vulnerability exists in ngap/dispatcher.go where insufficient null pointer validation permits exploitation through the 5G network interface. Public exploit code exists (GitHub issue #675), and vendor-released patch v2.2.0 is available via PR #666, which also addresses multiple related security issues in NGAP message handling and mobile identity parsing.

Denial Of Service Null Pointer Dereference Amf
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Remote denial of service in omec-project AMF versions up to 2.1.3-dev allows authenticated attackers to crash the Access and Mobility Management Function via crafted NGAP messages that trigger null pointer dereference in ngap/handler.go. Public exploit code exists (GitHub issue #674). Affects OMEC 5G core network deployments. Patched in version 2.2.0 via PR #666, which addresses multiple security issues including malformed SUCI handling and missing null checks across NGAP message parsing.

Denial Of Service Null Pointer Dereference Amf
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Null pointer dereference in OMEC Project AMF versions up to 2.1.3-dev allows remote authenticated attackers to trigger denial of service via crafted NGAP messages to the RANConfiguration function. The vulnerability (CVE-2026-8781) affects the Access and Mobility Management Function component of the Open Mobile Evolved Core, a critical element in 5G networks. Publicly available exploit code exists (GitHub issue #673), but CVSS 2.1 (Low) reflects limited availability impact and low-privilege authentication requirement. Vendor-released patch: version 2.2.0 (GitHub PR #666).

Denial Of Service Null Pointer Dereference Amf
NVD VulDB GitHub
EPSS 0% CVSS 7.5
HIGH This Week

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x02 (Identifier Rejected) but fails to explicitly close the TCP connection. Since the surrounding connection teardown logic is not guaranteed to execute, each such invalid CONNECT attempt leaves the underlying socket open. Repeated attempts cause server-side resource exhaustion due to accumulating file descriptors and memory usage, potentially resulting in denial of service.

Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

Resource exhaustion in Vercel AI SDK's provider-utils package (versions ≤3.0.97) allows authenticated remote attackers to consume excessive system resources via specially crafted requests to JSON response handlers. Public proof-of-concept exists. EPSS data not available. Not listed in CISA KEV. CVSS 4.0 score of 2.1 reflects low availability impact (VA:L) with authenticated network access (PR:L). Vendor non-responsive to initial disclosure.

Denial Of Service Ai Vercel
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Use-after-free vulnerability in Open5GS NRF component (versions up to 2.7.7) allows authenticated remote attackers to trigger denial of service via the discover_handler function in nghttp2-server.c. Publicly available exploit code exists (GitHub issue #4476), but vendor has not responded to early disclosure. EPSS data not available; CVSS 4.3 (Medium) reflects limited scope (DoS only, authenticated access required). Not listed in CISA KEV, indicating no confirmed widespread exploitation despite public POC.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Remote authenticated denial of service in Open5GS versions up to 2.7.7 allows attackers to crash the AUSF (Authentication Server Function) component via crafted timer manipulation. The vulnerability resides in ogs_timer_add function within nausf-handler.c. Public exploit code exists via GitHub issue #4472, though vendor has not responded to disclosure. EPSS data unavailable; CVSS 4.0 scores only 2.1 due to low availability impact and authenticated requirement, but the existence of public exploit elevates practical risk for exposed 5G core deployments.

Denial Of Service Open5gs
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Denial of service in Open5GS NRF (Network Repository Function) allows authenticated remote attackers to crash the service by exhausting the nf_service resource pool. Open5GS versions up to 2.7.7 fail to validate pool allocation during NF service registration, triggering assertion failures that terminate the process. Publicly available exploit code exists (GitHub issue #4466). EPSS data not available, not listed in CISA KEV. Patch released via commit 819db11a08b9736a3576c4f99ceb28f7eb99523a, merged in PR #4534.

Denial Of Service Open5gs
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Denial of service vulnerability in Open5GS NRF client management (versions ≤2.7.7) allows authenticated remote attackers to crash the Network Repository Function service via malformed client pool arguments. Public exploit code exists (GitHub issue #4464), but vendor has not responded to disclosure. CVSS base score of 4.3 reflects low severity due to limited availability impact and authentication requirement. EPSS data not provided; KEV status not applicable for this unpatched issue.

Denial Of Service Open5gs
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Denial of service in Open5GS versions up to 2.7.6 allows authenticated remote attackers to crash the Network Repository Function (NRF) component via crafted nfInstanceId parameter manipulation in the ogs_sbi_nf_instance_set_id function. Publicly available exploit code exists (GitHub issue #4462), but vendor has not responded to early responsible disclosure. EPSS data not available, not listed in CISA KEV. CVSS 4.3 (Medium) reflects low impact (availability only) and authenticated attack vector.

Denial Of Service Open5gs
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Denial of service in Open5GS versions up to 2.7.7 allows authenticated remote attackers to crash the Network Repository Function (NRF) component by manipulating service-names or snssais parameters in SBI messages. A public proof-of-concept exploit exists via GitHub issue #4460, and the vendor has not responded to the early disclosure. EPSS data unavailable, but the low CVSS 4.3 score reflects limited impact (availability only, authenticated access required), reducing real-world urgency for most deployments.

Denial Of Service Open5gs
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC Monitor

Denial of service in Open5GS versions up to 2.7.7 allows authenticated remote attackers to crash the Network Repository Function (NRF) component via malformed target-plmn-list parameters. The vulnerability targets a parsing function in the Service-Based Interface (SBI) library and has publicly available exploit code (GitHub issue #4458). CVSS 4.3 reflects low severity, but the vendor has not responded to early disclosure attempts, leaving no confirmed patch timeline. EPSS and KEV data unavailable - exploitation likelihood beyond POC unknown.

Denial Of Service Open5gs
NVD VulDB GitHub
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

The qs Node.js library (versions 6.11.1 through 6.15.1) crashes with a synchronous TypeError when stringify is called with both arrayFormat: 'comma' and encodeValuesOnly: true on arrays containing null or undefined elements. Applications using these non-default options together will experience request failures (typically 500 errors in web frameworks) when processing user input with null array values. The vulnerability was introduced in commit 4c4b23d (PR #463, January 2023) and patched in v6.15.2 (commit 21f80b3). No public exploit or CISA KEV listing identified at time of analysis, though exploitation requires only crafting JSON input with null array elements.

Denial Of Service Node.js Null Pointer Dereference
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH POC This Week

Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apple
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.7
HIGH POC This Week

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Sticky Notes Color Widgets
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.7
HIGH POC This Week

My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service My Notes Safe
NVD Exploit-DB
EPSS 0% CVSS 8.7
HIGH POC This Week

Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Macaron Notes Gear Notebook
NVD Exploit-DB
EPSS 0% CVSS 8.7
HIGH POC This Week

Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Color Notes
NVD Exploit-DB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

Internet Download Manager 6.38.12 contains a buffer overflow vulnerability in the Scheduler component that allows local attackers to crash the application by supplying oversized input. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Internet Download Manager
NVD Exploit-DB
EPSS 0% CVSS 8.7
HIGH This Week

Memory corruption in radare2 6.1.5's GDB client allows remote attackers to crash the application or potentially execute code through malformed thread information responses. The vulnerability triggers when the GDB remote protocol's qsThreadInfo command fails after qfThreadInfo has allocated memory, causing a use-after-free condition. While no public exploits have been identified, the CVSS 8.7 score reflects the potential for remote unauthenticated denial of service impact.

Denial Of Service RCE Buffer Overflow +3
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Denial of service vulnerability in coreMQTT versions before 5.0.1 allows remote MQTT brokers to crash client applications through malformed MQTT v5.0 property packets. The vulnerability stems from missing bounds validation in the property parser, enabling out-of-bounds read conditions (CWE-125). Amazon Web Services has issued a security bulletin and released version 5.0.1 to address this issue.

Buffer Overflow Information Disclosure Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH POC This Week

WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows unauthenticated attackers to exhaust server resources by sending batched GraphQL queries with duplicated. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service WordPress
NVD Exploit-DB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Remote attackers can trigger memory corruption in radare2 6.1.5 through its GDB remote debugging interface, causing denial of service or potentially achieving code execution. The use-after-free vulnerability in gdbr_threads_list() occurs when processing a valid qfThreadInfo response followed by a malformed qsThreadInfo response, leading to improper memory management. VulnCheck reported this issue and vendor patch commit c213ad6894a1eb9086ac8bf5fae35757e9e1683c addresses the vulnerability.

Denial Of Service RCE Buffer Overflow +3
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote denial-of-service vulnerability in Nimiq full nodes allows unauthenticated attackers to crash nodes by publishing malformed Kademlia DHT records with incorrect Ed25519 signature lengths. The vulnerability triggers a panic in the Ed25519 signature verification code when processing DHT records with signatures not exactly 64 bytes. Vendor-released patch: v1.4.0.

Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Memory exhaustion vulnerability in Nodemailer smtp-server before v3.18.3 enables remote denial of service attacks through unbounded command line processing. The vulnerability allows unauthenticated attackers to crash SMTP services by sending oversized commands that exhaust server memory. Public exploit code exists and the issue is rated as highly automatable by CISA SSVC framework, though not yet listed in CISA KEV.

Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Unauthenticated attackers can modify Smartcat API credentials in the Smartcat Translator for WPML plugin through a missing capability check on the 'routeData' REST endpoint, allowing hijacking of translation services or denial of service. All versions through 3.1.77 are affected. The vulnerability requires only network access and no user interaction, making it remotely exploitable by any unauthenticated actor against default WordPress configurations running the vulnerable plugin.

Authentication Bypass Denial Of Service WordPress
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM This Month

Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine (VM) to perform unauthorized access to specific victim range of GPU MMIO register. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Amd Radeon Pro V710
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

DDR5 memory modules in multiple AMD Ryzen processor families contain an insecure default PMIC (Power Management Integrated Circuit) interface configuration that allows local users with standard privileges to cause permanent denial of service or corrupt memory module integrity via unprotected firmware access. The vulnerability affects Ryzen 4000, 7000, 7020, 7030, 7035, 7040, 7045 series processors and Threadripper Pro 3000 WX-series, requiring local system access but no special privileges or user interaction. No public exploit code or active exploitation has been confirmed at time of analysis.

Privilege Escalation Denial Of Service Amd Ryzen 4000 Series Mobile Processors With Radeon Graphics +32
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Buffer overflow in AMD Sensor Fusion Hub Driver allows local authenticated attackers to write out of bounds, causing denial of service or system crash. The vulnerability affects multiple Ryzen processor families (4000, 5000, 7000, 7020, 7030, 7035, 7040 series and Ryzen AI 300 series) with Radeon integrated graphics across Windows mobile and desktop platforms. No active exploitation has been confirmed at time of analysis.

Denial Of Service Amd Buffer Overflow
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Arbitrary code execution and denial of service in AMD Platform Management Framework (PMF) affects Ryzen 7035, 7040, 8040 mobile processors and Ryzen Embedded 8000 series. A local authenticated attacker exploiting an unchecked return value vulnerability can write to arbitrary memory locations, potentially escalating privileges from low to high integrity across system boundaries. The CVSS 4.0 score of 7.1 reflects local attack vector with low complexity but requires specific attack timing conditions (AT:P), though the cross-scope impact (S:H) and high confidentiality/integrity impact to subsequent systems elevate real-world risk for enterprise environments with AMD mobile processors.

Denial Of Service Amd RCE
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Buffer overflow in the AMD Secure Processor (ASP) PCI driver affects dozens of AMD Ryzen, EPYC, and Threadripper processor families across desktop, mobile, and embedded variants. Local attackers with user-level privileges can trigger improper input validation in the driver to cause a crash or denial of service, with potential for integrity impact. The vulnerability requires local access and authenticated user privileges; no active exploitation in the wild has been confirmed, and vendor-released patches are available.

Denial Of Service Amd Buffer Overflow
NVD VulDB
EPSS 0% CVSS 6.9
MEDIUM This Month

Use-After-Free vulnerability in the AMD Secure Processor (ASP) PCI driver affects multiple Ryzen, Threadripper, EPYC, and Athlon processor families due to improper input validation. A local attacker with user-level privileges can trigger the UAF condition, resulting in denial of service via platform crash or potential loss of platform integrity. Vendor-released patch: AMD Ryzen Chipset Driver 7.02.13.148 (or equivalent Catalyst driver versions for embedded SKUs). No public exploit identified at time of analysis.

Denial Of Service Amd Use After Free +1
NVD VulDB
EPSS 0% CVSS 6.0
MEDIUM This Month

Stack exhaustion in MongoDB PHP driver allows remote denial of service when processing deeply nested BSON documents from untrusted sources. Unauthenticated attackers can crash applications by sending maliciously crafted BSON payloads with excessive nesting levels, affecting all versions of the PHP driver that parse BSON without depth limits. The vulnerability requires high attack complexity but results in complete availability loss.

Denial Of Service PHP
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Tuist is a virtual platform team for Swift app devs. Prior to 1.180.10, the forgot password flow allows an unauthenticated attacker to repeatedly trigger password reset emails for a known account without server-side throttling. In self-hosted deployments, this can be abused to send large volumes of unwanted email and consume downstream email delivery resources. This vulnerability is fixed in 1.180.10.

Denial Of Service
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Regular expression denial of service (ReDoS) in Svelte 5.51.5 through 5.55.6 allows attackers to cause application hang or crash by passing unconstrained-length tag names to the `<svelte:element>` component, triggering exponential regex evaluation time in the runtime tag validation logic. The vulnerability requires applications to accept user-controlled tag input without length or content restrictions.

Denial Of Service Red Hat
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Excessive memory allocation in devalue.parse (npm package) allows remote attackers to exhaust process memory via crafted sparse array payloads. Affects versions 5.6.3 through 5.8.0. Exploits JavaScript engine behavior where declaring large array lengths triggers eager memory allocation in V8, enabling denial-of-service with minimal payload size. Vendor-released patch 5.8.1 forces sparse allocation by touching MAX_ARRAY_INDEX before setting length. No active exploitation confirmed (not in CISA KEV), but publicly available exploit code exists in security advisory test cases.

Denial Of Service
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

Cross-Site Request Forgery via image URL manipulation in Open WebUI allows authenticated users to perform unauthorized actions on behalf of victims by embedding malicious image URLs in profile pictures, model images, shared chats, and notes. When any user (including admins) views these compromised images, their browser sends GET requests to attacker-controlled servers, enabling cookie theft, denial of service, or execution of sensitive operations. Publicly available proof-of-concept code demonstrates exploitation across multiple attack vectors. The vulnerability affects all versions up to and including v0.9.2, with a vendor-released patch available in v0.9.3.

Denial Of Service Information Disclosure CSRF
NVD GitHub
EPSS 0% CVSS 2.5
LOW PATCH Monitor

libsixel versions prior to 1.8.7-r2 crash on memory allocation failure in sixel_decode_raw and sixel_decode functions due to incorrect NULL pointer validation, allowing local attackers to trigger denial of service under low-memory conditions. The vulnerability affects any application using libsixel's public decoding APIs when system memory pressure causes malloc to fail.

Denial Of Service Null Pointer Dereference Libsixel
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Denial Of Service Microsoft Use After Free +5
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Microsoft Use After Free +6
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Microsoft Use After Free +5
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Network in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Microsoft Use After Free +5
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Heap buffer overflow in OpenImageIO 3.0.x (before 3.0.18.0) and 3.1.x (before 3.1.13.0) allows remote attackers to achieve denial of service or potentially arbitrary code execution via crafted DPX image files. The vulnerability stems from signed integer overflow in buffer size calculations within the DPX color converter, causing undersized heap allocations. Attack requires victim to open a malicious DPX file (user interaction required per CVSS UI:R). No public exploit code or active exploitation confirmed at time of analysis, though the technical details in the GitHub advisory provide sufficient detail for proof-of-concept development.

Integer Overflow Denial Of Service RCE +2
NVD GitHub VulDB
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Integer division by zero in GStreamer gst-plugins-good before version 1.28.2 allows local attackers to cause denial of service by supplying a maliciously crafted MP4 file with invalid atom data in audio tracks, triggering a crash in the qtdemux_audio_caps parser function without requiring user interaction or elevated privileges.

Denial Of Service Suse
NVD VulDB
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Integer division by zero in GStreamer gst-plugins-good before version 1.28.2 allows local attackers to cause denial of service by crafting malicious MP4 audio files. The isomp4 plugin's qtdemux_parse_trak function fails to validate atom data before performing division operations, causing application crash when parsing specially crafted audio tracks. No authentication required; exploitation requires only local file access and media playback.

Denial Of Service Suse
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Unbounded memory allocation and CPU exhaustion in OpenTelemetry Java SDK's baggage propagation allows remote unauthenticated attackers to degrade or deny service by sending oversized baggage headers. Affected components - W3CBaggagePropagator, JaegerPropagator, and OtTracePropagator - all lacked enforcement of the W3C Baggage specification's recommended size and entry limits, causing character-by-character parsing of arbitrarily large inputs. A distinctive amplification risk exists: baggage is automatically re-injected into all outgoing requests, meaning a single malicious inbound payload can fan out DoS effects to downstream services that never directly received the original request. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.

Tomcat Java Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Matrix Synapse homeserver versions prior to 1.152.1 allow authenticated local users to trigger CPU starvation that denies service to other users by exploiting unbounded lock timeout intervals in the WorkerLock implementation. Synapse deployments that do not trust all local users face service availability risk from malicious authenticated accounts. Vendor-released patch available in version 1.152.1 (GitHub commit 3f58bc50dfba5768ee43ce48c5e74c25ba0b078a confirms fix). No public exploit identified at time of analysis, though the attack mechanism is straightforward for any authenticated user.

Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Infinite recursion in Vvveb admin controller exhausts PHP memory through repeated permission checks when low-privilege users access forbidden admin URLs. Sustained requests deplete worker memory causing site-wide denial of service. Fixed in version 1.0.8.3 via commit c766e84b which removes Base class inheritance from Error403 controller to break the dispatch cycle. No evidence of active exploitation but trivial to reproduce with authenticated low-privilege account.

Denial Of Service PHP Information Disclosure
NVD GitHub
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Fleet server crashes from a single malformed gRPC request to the PublishLogs endpoint, allowing complete denial of service. An attacker with any enrolled Launcher node key can terminate the Fleet server process instantly via a crafted gRPC call. CVSS 8.7 (High) reflects the ease and impact, though exploitation requires prior enrollment of a Launcher host. Vendor-released patch version 4.81.0 available. No public exploit identified at time of analysis, but attack requires minimal sophistication given authenticated access.

Authentication Bypass Privilege Escalation Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in PostgreSQL allows remote unauthenticated attackers to crash the database server via recursive SSL/GSS negotiation when connecting to AF_UNIX or TCP sockets (if SSL and GSS are both disabled). Affects all PostgreSQL versions prior to 18.4, 17.10, 16.14, 15.18, and 14.23. No active exploitation confirmed (not in CISA KEV). Vendor-released patches available across all supported major versions. EPSS data not available, but CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) indicates high availability impact with low barrier to exploitation.

Denial Of Service PostgreSQL Suse
NVD VulDB
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Memory exhaustion in Elixir Plug 1.4.0 through 1.19.1 allows remote unauthenticated attackers to crash BEAM VM processes via unbounded buffer accumulation during multipart/form-data header parsing. The vulnerability mirrors CVE-2026-8466 in Cowboy: read_part_headers/2 recursively accumulates incoming bytes without size limits when parsing malformed multipart requests that never deliver complete header sections. Vendor-released patches available for all affected branches. No public exploit identified at time of analysis, but exploitation requires only basic HTTP client tools.

Denial Of Service Plug
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

GitLab CE and EE are vulnerable to authenticated denial of service through excessive memory consumption, affecting all installations from version 8.3 up to the patched releases. An authenticated user with minimal privileges can submit maliciously crafted input that bypasses proper validation, causing the server to allocate memory without adequate bounds until service degradation or outage occurs. EPSS is low at 0.06% (18th percentile), no active exploitation is confirmed (CISA KEV absent, SSVC exploitation status: none), and a vendor patch was released on May 13, 2026.

Denial Of Service Gitlab
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in GitLab CE/EE allows unauthenticated remote attackers to disrupt service availability by sending specially crafted requests that exploit insufficient input validation. Affected versions span 9.0 through 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 across both Community and Enterprise editions, with no public exploit identified at time of analysis and a low EPSS score (0.04%) indicating limited near-term exploitation likelihood despite the network-reachable attack surface.

Denial Of Service Gitlab
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Denial-of-service in GitLab Enterprise Edition allows a crafted file upload to exhaust service availability through improper deserialization validation. The vulnerability spans an exceptionally wide range, affecting all GitLab EE instances from version 11.9 through the 18.11 line until patched releases. There is no public exploit identified at time of analysis and EPSS sits at 0.02% (4th percentile), indicating low observed exploitation pressure, though the breadth of the affected version range means unpatched installations represent a meaningful attack surface for availability disruption.

Gitlab Deserialization Denial Of Service
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in GitLab Community and Enterprise Editions (versions 18.5 through 18.11.2) allows remote unauthenticated attackers to exhaust resources by submitting specially crafted JSON payloads that bypass input validation. The flaw is network-reachable with low complexity and no authentication required, but only impacts availability (CVSS 7.5, A:H). No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.04% (11th percentile), though CISA SSVC flags the issue as automatable.

Denial Of Service Gitlab
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in GitLab Community and Enterprise Edition versions 18.5 through 18.11.2 allows unauthenticated remote attackers to disrupt service availability by sending specially crafted payloads to certain API endpoints. The flaw maps to CWE-1284 (improper validation of specified quantity in input) and has been patched in 18.9.7, 18.10.6, and 18.11.3. No public exploit identified at time of analysis and EPSS probability is very low (0.03%, 9th percentile), but the SSVC framework flags the attack as automatable with partial technical impact.

Denial Of Service Gitlab
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Infinite loop denial-of-service in OpenStack Ironic's image handling allows low-privileged authenticated attackers to exhaust conductor resources by supplying file:///dev/zero as an image URL, triggering unbounded checksum calculations that never terminate. All Ironic versions from 0 through 35.x prior to commit a3f6d73 are affected. No public exploit independently confirmed but SSVC data indicates proof-of-concept exists; EPSS sits at 0.01% (2nd percentile), consistent with low widespread exploitation likelihood despite the poc signal.

Denial Of Service Ironic
NVD VulDB
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

{ isRaw: true }]` tuple, which is passed directly into Knex's `db.connection.raw()` without sanitization. Affected versions are @strapi/content-type-builder <=5.33.1 (v5) and @strapi/plugin-content-type-builder <=4.26.0 (v4), with impact ranging from arbitrary file read and denial of service to remote code execution on database engines that permit external program execution. No public exploit identified at time of analysis; EPSS is low at 0.13% and CISA SSVC notes exploitation status of 'none', though vendor-confirmed remediation is available.

Denial Of Service SQLi RCE
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uncontrolled resource consumption in Grafana OSS allows authenticated low-privilege users to trigger an out-of-memory (OOM) crash by exploiting the $__timeGroup macro against a configured SQL datasource. The attack is slow by nature - requiring upwards of 30 minutes to exhaust server memory - and affects Grafana OSS versions spanning from 8.0.0 through 13.0.1. Grafana reported this vulnerability directly, a vendor patch is available across all affected release branches, and no public exploit code or active exploitation has been identified at time of analysis.

Denial Of Service Grafana Oss
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Unbounded memory allocation in Grafana OSS's plugin resources endpoint allows any authenticated low-privileged user to trigger an out-of-memory condition by sending a sufficiently large HTTP request body, resulting in denial of service against the Grafana instance. Affected versions span a wide range from 6.7.0 through 13.0.1, with vendor-released security patches available across all supported branches. No public exploit exists and CISA has not added this to the KEV catalog; the EPSS score of 0.04% (12th percentile) reflects very low observed exploitation probability.

Denial Of Service Grafana Grafana Oss
NVD VulDB
Prev Page 25 of 406 Next

Quick Facts

Typical Severity
MEDIUM
Category
other
Total CVEs
36508

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy