Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-789 (未经控制的内存分配) — Vulnerability Class 99

99 vulnerabilities classified as CWE-789 (未经控制的内存分配). AI Chinese analysis included.

CWE-789 represents a critical memory management weakness where software allocates resources based on unvalidated, excessively large size values provided by external inputs. This flaw typically arises when developers fail to enforce upper bounds on integer parameters before invoking allocation functions, allowing attackers to supply maliciously crafted values that trigger massive memory consumption. Exploitation often leads to denial-of-service conditions through system exhaustion or resource starvation, potentially destabilizing the entire host environment. To mitigate this risk, developers must implement rigorous input validation strategies that strictly check size parameters against predefined, safe thresholds before any allocation occurs. Additionally, utilizing language-specific bounds checking mechanisms and static analysis tools can help identify potential overflows early in the development lifecycle, ensuring that memory requests remain within acceptable operational limits and preventing arbitrary resource depletion.

MITRE CWE Description
The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.
Common Consequences (1)
AvailabilityDoS: Resource Consumption (Memory)
Not controlling memory allocation can result in a request for too much system memory, possibly leading to a crash of the application due to out-of-memory conditions, or the consumption of a large amount of memory on the system.
Mitigations (2)
Implementation, Architecture and DesignPerform adequate input validation against any value that influences the amount of memory that is allocated. Define an appropriate strategy for handling requests that exceed the limit, and consider supporting a configuration option so that the administrator can extend the amount of memory to be used if necessary.
OperationRun your program using system-provided resource limits for memory. This might still cause the program to crash or exit, but the impact to the rest of the system will be minimized.
Examples (2)
Consider the following code, which accepts an untrusted size value and allocates a buffer to contain a string of the given size.
unsigned int size = GetUntrustedInt(); /* ignore integer overflow (CWE-190) for this example */ unsigned int totBytes = size * sizeof(char); char *string = (char *)malloc(totBytes); InitializeString(string);
Bad · C
Consider the following code, which accepts an untrusted size value and uses the size as an initial capacity for a HashMap.
unsigned int size = GetUntrustedInt(); HashMap list = new HashMap(size);
Bad · Java
CVE IDTitleCVSSSeverityPublished
CVE-2021-47944 memono Notepad 4.2 Denial of Service via Buffer Overflow — Notepad 7.5 High2026-05-10
CVE-2026-42241 ParquetSharp: Possible Stack Overflow When Reading a ParquetFile with Large Decimal Type Width — ParquetSharp 5.3 Medium2026-05-07
CVE-2026-43868 Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern — Apache Thrift 9.1 -2026-05-05
CVE-2026-42146 CImg Library: Uncontrolled memory allocation via nb_colors field in _load_bmp — CImg 5.5 Medium2026-05-04
CVE-2026-42440 Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader — Apache OpenNLP 7.5 -2026-05-04
CVE-2018-25295 ObserverIP Scan Tool 1.4.0.1 Denial of Service via IP Field — ObserverIP Scan Tool 6.2 Medium2026-04-26
CVE-2018-25279 jiNa OCR Image to Text 1.0 Denial of Service via PNG — jiNa OCR Image to Text 6.2 Medium2026-04-26
CVE-2018-25274 InfraRecorder 0.53 Denial of Service via txt File Import — InfraRecorder 6.2 Medium2026-04-26
CVE-2026-33524 Zserio: Integer Overflow in BitStreamReader and Unbounded Memory Allocation in Deserialization — zserio 7.5 High2026-04-24
CVE-2026-40894 OpenTelemetry dotnet: Excessive memory allocation when parsing OpenTelemetry propagation headers — opentelemetry-dotnet 5.3 Medium2026-04-23
CVE-2026-40891 OpenTelemetry dotnet: Unbounded `grpc-status-details-bin` parsing in OTLP/gRPC retry handling — opentelemetry-dotnet 5.3 Medium2026-04-23
CVE-2026-40182 OpenTelemetry dotnet: OTLP exporter reads unbounded HTTP response bodies — opentelemetry-dotnet 5.3 Medium2026-04-23
CVE-2026-41314 pypdf: Manipulated FlateDecode image dimensions can exhaust RAM — pypdf 6.5AIMediumAI2026-04-22
CVE-2026-41312 pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM — pypdf 6.5AIMediumAI2026-04-22
CVE-2026-35633 OpenClaw < 2026.3.22 - Unbounded Memory Allocation via Remote Media Error Responses — OpenClaw 5.3 Medium2026-04-09
CVE-2026-35186 Wasmtime has an improperly masked return value from `table.grow` with Winch compiler backend — wasmtime 9.1AICriticalAI2026-04-09
CVE-2026-39882 OpenTelemetry-Go OTLP HTTP exporters read unbounded HTTP response bodies — opentelemetry-go 5.3 Medium2026-04-08
CVE-2026-24146 NVIDIA Triton Inference Server 安全漏洞 — Triton Inference Server 7.5 High2026-04-07
CVE-2026-39312 Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition — SoftEtherVPN 7.5 High2026-04-07
CVE-2026-35549 MariaDB Server 安全漏洞 — MariaDB 6.5 Medium2026-04-03
CVE-2026-24158 NVIDIA Triton Inference Server 安全漏洞 — Triton Inference Server 7.5 High2026-03-24
CVE-2026-33174 Rails Active Storage has a possible DoS vulnerability when in proxy mode via Range requests — activestorage 7.5 -2026-03-23
CVE-2026-26931 Memory Allocation with Excessive Size Value in Metricbeat Leading to Denial of Service — Metricbeat 5.7 Medium2026-03-19
CVE-2026-32836 mackron / dr_libs dr_flac.h Excessive Memory Allocation in PICTURE Metadata Parsing — dr_libs dr_flac.h 6.2 Medium2026-03-17
CVE-2026-25780 Memory Exhaustion via Malformed DOC File Upload — Mattermost 4.3 Medium2026-03-16
CVE-2026-26246 Memory Exhaustion via Malformed PSD File Upload — Mattermost 4.3 Medium2026-03-16
CVE-2026-2456 Denial of Service via Unbounded Memory Allocation in Integration Actions — Mattermost 5.3 Medium2026-03-16
CVE-2026-28253 Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge — Tracer SC 7.5AIHighAI2026-03-12
CVE-2026-20048 Cisco NX-OS Software SNMP Denial of Service Vulnerability — Cisco NX-OS System Software in ACI Mode 7.7 High2026-02-25
CVE-2026-25899 Fiber is Vulnerable to Denial of Service via Flash Cookie Unbounded Allocation — fiber 7.5 High2026-02-24

Vulnerabilities classified as CWE-789 (未经控制的内存分配) represent 99 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.