CWE-789

CWE-789

No catalog description on file. The MITRE CWE site has the canonical reference.

CVEs (total)

6

Critical

0

High

2

Medium

4

Low

0

Severity distribution

Recent CVEs

showing 6 of 6

CVE-2026-44967Medium· 5.3EPSS 0%22 h ago
OpenTelemetry-cpp is the C++ implementation of OpenTelemetry. Prior to release 1.27.0, the OTLP HTTP exporters (traces/metrics/logs) read the full HTTP response into an in-memory vector of bytes without a size cap. This is exploitable for m
CVE-2026-52753Medium· 5.5EPSS 0%1 d ago
Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rust_demangle function that allocates unbounded output buffers without size limits. Attackers can craft malicious Rust symbol names in binaries to trigger exponential memor
CVE-2026-10142High· 7.5EPSS 0%1 d ago
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length va
CVE-2026-47734Medium· 5.7EPSS 0%2 d ago
Dulwich has unbounded memory allocation in receive-pack from crafted thin packs
pypi
CVE-2026-52759Medium· 5.5EPSS 0%2 d ago
Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load
CVE-2026-49975High· 7.5EPSS 0%2 d ago
Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67.

CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.