CWE-835

Infinite Loop

MITRE

No catalog description on file. The MITRE CWE site has the canonical reference.

CVEs (total)

Critical

High

Medium

Low

Severity distribution

Recent CVEs

showing 14 of 14

CVE-2024-20353High· 8.6KEVEPSS 19%23 h ago
Cisco ASA and FTD Denial of Service Vulnerability
CVE-2026-49495Medium· 5.5EPSS 0%1 d ago
Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the exp
CVE-2026-48733Medium· 4.7EPSS 0%1 d ago
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue has
CVE-2026-46521Medium· 5.5EPSS 0%1 d ago
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check
CVE-2026-46522High· 7.5EPSS 1%1 d ago
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CP
CVE-2026-44186High· 7.3EPSS 0%2 d ago
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server. This issue affects undefined: from 2.4.0 through 2.4.67. Users are reco
CVE-2026-46146Medium· 5.5EPSS 0%2 d ago
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() The convert_chmap_v3() has a loop with its increment size of cs_desc->wLength, but we forgot to valida
CVE-2025-71329High· 7.5EPSS 0%2 d ago
image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-typ
CVE-2025-71330High· 7.5EPSS 0%2 d ago
image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted ICNS image buffer. Attackers can craft an ICNS buffer containing v
CVE-2026-4111High· 7.5EPSS 0%2 d ago
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a
CVE-2025-71319—EPSS 0%2 d ago
image-size Denial of Service via Infinite Loop during Image Processing
npm
CVE-2024-28836Medium· 5.4EPSS 0%7 d ago
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at bui
CVE-2022-27781Low· 7.5EPSS 0%2026-04-25
curl/libcurl: CERTINFO never-ending busy-loop
curl
CVE-2025-5399Low· 7.5EPSS 1%2026-04-25
curl/libcurl: WebSocket endless loop
curl

CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.