CWE-408
6 CVEs classified under CWE-408. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-41405 | High | 7.5 | 2026-04-28 | OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performing JWT validation, allowing unauthenticated attackers to trigger resource exhau… |
CVE-2020-1657 | High | 7.5 | 2020-10-16 | On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to I… |
CVE-2026-3592 | Medium | 5.3 | 2026-05-20 | BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the reso… |
CVE-2026-41374 | Medium | 5.3 | 2026-04-28 | OpenClaw before 2026.3.31 performs Discord audio preflight transcription before validating member authorization, allowing unauthenticated attackers to consume… |
CVE-2026-41331 | Medium | 5.3 | 2026-04-20 | OpenClaw before 2026.3.31 contains a resource consumption vulnerability in Telegram audio preflight transcription that allows unauthorized group senders to tri… |
CVE-2022-2576 | | 2022-07-29 | In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without u… |