CWE-404— Improper Resource Shutdown or Release
The product does not release or incorrectly releases a resource before it is made available for re-use.— MITRE CWE catalog
731 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-404page 13 of 15
- CVE-2026-14650LOWCVSS 3.3EG 3.32026-07-04
A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grass_compiler::raw_to_parse_error of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack i…
- CVE-2026-14651LOWCVSS 3.3EG 3.32026-07-04
A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grass_compiler::selector::extend/grass_compiler::evaluate::visitor. The manipulation leads to denial of service. The attack must be carr…
- CVE-2026-14790LOWCVSS 3.3EG 3.32026-07-06
A flaw has been found in GPAC 26.02.0. This affects the function nhmldump_send_frame of the file src/filters/write_nhml.c of the component Media File Handler. Executing a manipulation can lead to null pointer dereference. The attack requir…
- CVE-2026-14801LOWCVSS 3.3EG 3.32026-07-06
A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtin_probe_duration of the file src/filters/load_text.c of the component TeXML File Handler. Such manipulation of …
- CVE-2026-15184LOWCVSS 3.3EG 3.32026-07-09
A vulnerability was found in GNU LibreDWG up to 0.13.4. The impacted element is the function dwg_next_entity of the file src/dwg.c of the component DWG File Handler. Performing a manipulation of the argument next_obj results in null pointe…
- CVE-2026-1521MEDIUMCVSS 5.3EG 5.32026-01-28
A security flaw has been discovered in Open5GS up to 2.7.6. This affects the function sgwc_s5c_handle_bearer_resource_failure_indication of the file src/sgwc/s5c-handler.c of the component SGWC. Performing a manipulation results in denial …
- CVE-2026-1522MEDIUMCVSS 5.3EG 5.32026-01-28
A weakness has been identified in Open5GS up to 2.7.6. This vulnerability affects the function sgwc_s5c_handle_modify_bearer_response of the file src/sgwc/s5c-handler.c of the component SGWC. Executing a manipulation can lead to denial of …
- CVE-2026-15274LOWCVSS 3.3EG 3.32026-07-09
A vulnerability was detected in lo48576 fbxcel up to 0.9.0. This affects an unknown part of the file src/pull_parser/v7400/parser.rs of the component Node Header Handler. The manipulation results in denial of service. The attack must be in…
- CVE-2026-15276LOWCVSS 3.3EG 3.32026-07-09
A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been …
- CVE-2026-1586MEDIUMCVSS 5.3EG 5.32026-01-29
A flaw has been found in Open5GS up to 2.7.5. Impacted is the function ogs_gtp2_f_teid_to_ip of the file /sgwc/s11-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack may be performed from re…
- CVE-2026-1587MEDIUMCVSS 5.3EG 5.32026-01-29
A vulnerability has been found in Open5GS up to 2.7.6. The affected element is the function sgwc_s11_handle_modify_bearer_request of the file /sgwc/s11-handler.c of the component SGWC. The manipulation leads to denial of service. It is pos…
- CVE-2026-1682MEDIUMCVSS 5.3EG 5.32026-01-30
A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the function HandlePfcpAssociationReleaseRequest of the file internal/pfcp/handler/handler.go of the component PFCP UDP Endpoint. Executing a manipulation can lead to null point…
- CVE-2026-1683MEDIUMCVSS 5.3EG 5.32026-01-30
A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by this vulnerability is the function HandlePfcpSessionReportRequest of the file internal/pfcp/handler/handler.go of the component PFCP. The manipulation leads to denial o…
- CVE-2026-1684MEDIUMCVSS 5.3EG 5.32026-01-30
A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcp_reports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The…
- CVE-2026-1739MEDIUMCVSS 5.3EG 5.32026-02-02
A vulnerability has been found in Free5GC pcf up to 1.4.1. This affects the function HandleCreateSmPolicyRequest of the file internal/sbi/processor/smpolicy.go. The manipulation leads to null pointer dereference. The attack is possible to …
- CVE-2026-1875HIGHCVSS 7.5EG 7.52026-03-03
Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allows a remote attacker to cause a denial-of-service (DoS) condition on …
- CVE-2026-1876HIGHCVSS 7.5EG 7.52026-03-03
Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP all versions allows a remote attacker to cause a denial-of-service (DoS) condition on the pro…
- CVE-2026-1973MEDIUMCVSS 5.3EG 5.32026-02-06
A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The …
- CVE-2026-1974MEDIUMCVSS 5.3EG 5.32026-02-06
A vulnerability was identified in Free5GC up to 4.1.0. This affects the function ResolveNodeIdToIp of the file internal/sbi/processor/datapath.go of the component SMF. The manipulation leads to denial of service. Remote exploitation of the…
- CVE-2026-1975MEDIUMCVSS 5.3EG 5.32026-02-06
A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcp_reports.go. The manipulation results in null pointer dereference. The attack can be executed remotely. The exploit h…
- CVE-2026-1976MEDIUMCVSS 5.3EG 5.32026-02-06
A weakness has been identified in Free5GC up to 4.1.0. Affected is the function SessionDeletionResponse of the component SMF. This manipulation causes null pointer dereference. The attack is possible to be carried out remotely. The exploit…
- CVE-2026-1990LOWCVSS 3.3EG 3.32026-02-06
A security vulnerability has been detected in oatpp up to 1.3.1. This impacts the function oatpp::data::type::ObjectWrapper::ObjectWrapper of the file src/oatpp/data/type/Type.hpp. The manipulation leads to null pointer dereference. Local …
- CVE-2026-1991LOWCVSS 3.3EG 3.32026-02-06
A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvc_scan_streaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be …
- CVE-2026-20050MEDIUMCVSS 6.8EG 6.82026-03-04
A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an…
- CVE-2026-2062MEDIUMCVSS 5.3EG 5.32026-02-06
A vulnerability was identified in Open5GS up to 2.7.6. This affects the function sgwc_s5c_handle_modify_bearer_response/sgwc_sxa_handle_session_modification_response of the component PGW S5U Address Handler. The manipulation leads to null …
- CVE-2026-2108MEDIUMCVSS 5.3EG 5.32026-02-07
A vulnerability was determined in jsbroks COCO Annotator up to 0.11.1. This impacts an unknown function of the file /api/info/long_task of the component Endpoint. This manipulation causes denial of service. The attack may be initiated remo…
- CVE-2026-21975MEDIUMCVSS 4.5EG 4.52026-01-20
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege wi…
- CVE-2026-2517MEDIUMCVSS 5.3EG 5.32026-02-15
A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogs_gtp2_parse_tft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf[0].content.length r…
- CVE-2026-2524MEDIUMCVSS 5.3EG 5.32026-02-16
A flaw has been found in Open5GS 2.7.6. The impacted element is the function mme_s11_handle_create_session_response of the component MME. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has bee…
- CVE-2026-2525MEDIUMCVSS 5.3EG 5.32026-02-16
A vulnerability has been found in Free5GC up to 4.1.0. This affects an unknown function of the component PFCP UDP Endpoint. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed t…
- CVE-2026-2641LOWCVSS 3.3EG 3.32026-02-18
A weakness has been identified in universal-ctags ctags up to 6.2.1. The affected element is the function parseExpression/parseExprList of the file parsers/v.c of the component V Language Parser. Executing a manipulation can lead to uncont…
- CVE-2026-2642LOWCVSS 3.3EG 3.32026-02-18
A security vulnerability has been detected in ggreer the_silver_searcher up to 2.2.0. The impacted element is the function search_stream of the file src/search.c. The manipulation leads to null pointer dereference. Local access is required…
- CVE-2026-2887LOWCVSS 3.3EG 3.32026-02-21
A security vulnerability has been detected in aardappel lobster up to 2025.4. This impacts the function lobster::TypeName in the library dev/src/lobster/idents.h. Such manipulation leads to uncontrolled recursion. The attack can only be pe…
- CVE-2026-2903LOWCVSS 3.3EG 3.32026-02-22
A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_rules of the file src/parse/ast.cc. This manipulation causes null pointer dereference. The attack can only be executed locally. The exploit …
- CVE-2026-2957MEDIUMCVSS 5.4EG 5.42026-02-22
A weakness has been identified in qinming99 dst-admin up to 1.5.0. This impacts the function deleteBackup of the file src/main/java/com/tugos/dst/admin/controller/BackupController.java of the component File Handler. This manipulation cause…
- CVE-2026-29771MEDIUMCVSS 6.5EG 6.52026-03-07
Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic…
- CVE-2026-2984MEDIUMCVSS 6.5EG 6.52026-02-23
A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects an unknown function of the file /admin/core/drop_user.php. Such manipulation of the argument ID leads to denial of service. The attack can …
- CVE-2026-3206NONECVSS 0.0EG 1.32026-02-25
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE (CircuitBreaker modules), KrakenD, SLU KrakenD-EE (CircuitBreaker modules). This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5.
- CVE-2026-3269MEDIUMCVSS 4.3EG 4.32026-02-27
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Sess…
- CVE-2026-3384LOWCVSS 3.3EG 3.32026-03-01
A security vulnerability has been detected in ChaiScript up to 6.1.0. This impacts the function chaiscript::eval::AST_Node_Impl::eval/chaiscript::eval::Function_Push_Pop of the file include/chaiscript/language/chaiscript_eval.hpp. The mani…
- CVE-2026-3385LOWCVSS 3.3EG 3.32026-03-01
A vulnerability was detected in wren-lang wren up to 0.4.0. Affected is the function resolveLocal of the file src/vm/wren_compiler.c. The manipulation results in uncontrolled recursion. Attacking locally is a requirement. The exploit is no…
- CVE-2026-3387LOWCVSS 3.3EG 3.32026-03-01
A vulnerability has been found in wren-lang wren up to 0.4.0. Affected by this issue is the function getByteCountForArguments of the file src/vm/wren_compiler.c. Such manipulation leads to null pointer dereference. Local access is required…
- CVE-2026-3388LOWCVSS 3.3EG 3.32026-03-01
A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. Performing a manipulation results in uncontrolled recursion. The attack needs to be appr…
- CVE-2026-3389LOWCVSS 3.3EG 3.32026-03-01
A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstd_rex_newnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer dereference. The attack can only be exe…
- CVE-2026-3392LOWCVSS 3.3EG 3.32026-03-01
A weakness has been identified in FascinatedBox lily up to 2.3. The affected element is the function eval_tree of the file src/lily_emitter.c. This manipulation causes null pointer dereference. The attack is restricted to local execution. …
- CVE-2026-3408MEDIUMCVSS 4.3EG 4.32026-03-02
A vulnerability was identified in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to null pointer dereference. The attack c…
- CVE-2026-34317MEDIUMCVSS 5.0EG 5.02026-04-21
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker…
- CVE-2026-3465LOWCVSS 3.1EG 3.12026-03-03
A vulnerability was determined in Tuya App and SDK 24.07.11 on Android. Affected by this vulnerability is an unknown functionality of the component JSON Data Point Handler. This manipulation of the argument cruise_time causes denial of ser…
- CVE-2026-35667MEDIUMCVSS 6.1EG 6.12026-04-10
OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-27486 where the !stop chat command uses an unpatched killProcessTree function from shell-utils.ts that sends SIGKILL immediately without graceful SIGTERM shutdown. Attackers…
- CVE-2026-3665LOWCVSS 3.3EG 3.32026-03-07
A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsx_consumer::read_office_document of the file source/detail/serialization/xlsx_consumer.cpp of the component XLSX File …
Map vulnerabilities like CWE-404 to your infrastructure
EchelonGraph correlates every CVE — across CWE-404 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →