Weaknesses of type CWE-674
239 resultsCVE-2026-41311HIGHLiquidJS is vulnerable to Denial of Service via circular block reference in layoutEPSS 0.4%CVE-2025-53605MEDIUMThe protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parEPSS 0.4%CVE-2025-66031HIGHnode-forge ASN.1 Unbounded RecursionEPSS 0.4%CVE-2026-0994HIGHDenial of Service in Python ProtobufEPSS 0.4%CVE-2025-50420MEDIUMAn issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted EPSS 0.4%CVE-2025-36001MEDIUMIBM Db2 Denial of ServiceEPSS 0.3%CVE-2024-58264LOWThe serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data.EPSS 0.3%CVE-2026-9740HIGHUnbounded recursion in BSONColumn interleaved-reference causes pre-auth stack overflowEPSS 0.3%CVE-2026-33508HIGHParse Server: LiveQuery subscription query depth bypassEPSS 0.3%CVE-2025-61766MEDIUMBucket vulnerable to infinite recursion when querying a bucket using the != operatorEPSS 0.3%CVE-2026-41680HIGHMarked: OOM Denial of Service via Infinite Recursion in marked TokenizerEPSS 0.3%CVE-2025-70957HIGHA Denial of Service (DoS) vulnerability was discovered in the TON Lite Server before v2024.09. The vulnerability arises from the handling ofEPSS 0.3%CVE-2025-5472MEDIUMDenial of Service via Uncontrolled Recursive JSON Parsing in JSONReader in run-llama/llama_indexEPSS 0.3%CVE-2025-43708LOWVisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowErrorEPSS 0.3%CVE-2026-40879HIGHNest: DoS via Recursive handleData in JsonSocket (TCP Transport)EPSS 0.3%CVE-2026-49941HIGHNet::CIDR::Set versions through 0.20 for Perl did not validate IP addressesEPSS 0.3%CVE-2026-39376HIGHFastFeedParser has an infinite redirect loop DoS via meta-refresh chainEPSS 0.3%CVE-2026-9358MEDIUMpostcss-selector-parser AST Serialization container.js toString recursionEPSS 0.3%CVE-2026-48712HIGHprotobufjs: Denial of service through unbounded Any expansion during JSON conversionEPSS 0.3%CVE-2024-58102MEDIUMAn issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth limit allows stack consumption when parsing uEPSS 0.3%