CWE-835— Loop with Unreachable Exit Condition (Infinite Loop)
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.— MITRE CWE catalog
730 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-835page 14 of 15
- CVE-2026-28214MEDIUMCVSS 6.5EG 6.52026-04-17
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize() function can overflow the totalLength value when parsing a Wide type clumplet, causing an…
- CVE-2026-29975HIGHCVSS 7.5EG 7.52026-05-08
lwjson 1.8.1 contains an improper input validation vulnerability in the streaming JSON parser (lwjson_stream.c). The end-of-string detection logic incorrectly identifies escaped quote characters by only checking the immediately preceding c…
- CVE-2026-31448CRITICALCVSS 9.4EG 9.42026-04-22
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tre…
- CVE-2026-31472MEDIUMCVSS 5.5EG 5.52026-04-22
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet tot_len and ihl fields parsed from decrypted IPTFS payloads in __…
- CVE-2026-31498MEDIUMCVSS 5.5EG 5.52026-04-22
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop l2cap_config_req() processes CONFIG_REQ for channels in BT_CONNECTED state to support L2CAP reconfigura…
- CVE-2026-31552HIGHCVSS 7.5EG 7.52026-04-24
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom Since upstream commit e75665dd0968 ("wifi: wlcore: ensure skb headroom before skb_push"),…
- CVE-2026-31642MEDIUMCVSS 5.5EG 5.52026-04-24
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet->calls list to use list_del_rcu() rather than list_del_init() to prevent stuffing …
- CVE-2026-32739MEDIUMCVSS 6.5EG 6.52026-05-19
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Box_stts::get_sample_duration(), consuming 100% CPU indefinitely with zero progress,…
- CVE-2026-32875HIGHCVSS 7.5EG 7.52026-03-20
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps() crashes the Python i…
- CVE-2026-33116HIGHCVSS 7.5EG 7.52026-04-14
Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.
- CVE-2026-33814HIGHCVSS 7.5EG 7.52026-05-07
When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
- CVE-2026-33891HIGHCVSS 7.5EG 7.52026-03-27
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, a Denial of Service (DoS) vulnerability exists in the node-forge library due to an infinite loop in the BigInteg…
- CVE-2026-34282HIGHCVSS 7.5EG 7.52026-04-21
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u481-perf, 11.0.30, 17.0.18, 21.0.…
- CVE-2026-34852MEDIUMCVSS 6.1EG 6.12026-04-13
Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2026-34962MEDIUMCVSS 6.2EG 6.22026-05-11
barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4_common.c where the ext4fs_iterate_dir() function fails to validate that directory entry length values are non-zero. Att…
- CVE-2026-35406MEDIUMCVSS 6.2EG 6.22026-04-07
Aardvark-dns is an authoritative dns server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. This v…
- CVE-2026-39806HIGHCVSS 7.5EG 7.52026-05-13
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in mtrudel bandit allows unauthenticated remote denial of service via worker process exhaustion. 'Elixir.Bandit.HTTP1.Socket':do_read_chunked_data!/5 in lib/bandit/http1…
- CVE-2026-39934MEDIUMCVSS 6.9EG 6.92026-04-07
Loop with unreachable exit condition ('infinite loop') vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This issue was remediated on…
- CVE-2026-4111HIGHCVSS 7.5EG 7.52026-03-13
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a…
- CVE-2026-41146HIGHCVSS 8.7EG 8.72026-04-22
facil.io is a C micro-framework for web applications. Prior to commit 5128747363055201d3ecf0e29bf0a961703c9fa0, `fio_json_parse` can enter an infinite loop when it encounters a nested JSON value starting with `i` or `I`. The process spins …
- CVE-2026-41150MEDIUMCVSS 5.3EG 5.32026-05-29
Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, there is a denial-of-service attack when rendering gantt charts, if they use the excludes attribute to exc…
- CVE-2026-41285MEDIUMCVSS 4.3EG 4.32026-04-21
In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option (over a local network) with length zero, because of an "nd_opt_len * 8 - 2" expression with no prece…
- CVE-2026-41511MEDIUMCVSS 5.5EG 5.52026-05-08
OpenMcdf is a fully .NET / C# library to manipulate Compound File Binary File Format files, also known as Structured Storage. Prior to version 3.1.3, OpenMcdf does not detect cycles in the directory entry red-black tree of a Compound File …
- CVE-2026-41680HIGHCVSS 7.5EG 7.52026-04-24
Marked is a markdown parser and compiler. From 18.0.0 to 18.0.1, a critical Denial of Service (DoS) vulnerability exists in marked. By providing a specific 3-byte input sequence a tab, a vertical tab, and a newline (\x09\x0b\n)—an unauth…
- CVE-2026-42310MEDIUMCVSS 5.5EG 5.52026-05-09
Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue ha…
- CVE-2026-42781MEDIUMCVSS 6.5EG 6.52026-05-13
When embedded Packet Velocity Acceleration (ePVA) acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel (TMM) resource utilization. Note: Software versions which …
- CVE-2026-42899HIGHCVSS 7.5EG 7.52026-05-12
Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.
- CVE-2026-42920HIGHCVSS 7.5EG 7.52026-05-13
When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Tech…
- CVE-2026-43096MEDIUMCVSS 5.5EG 5.52026-05-06
In the Linux kernel, the following vulnerability has been resolved: mshv: Fix infinite fault loop on permission-denied GPA intercepts Prevent infinite fault loops when guests access memory regions without proper permissions. Currently, m…
- CVE-2026-43486MEDIUMCVSS 5.5EG 5.52026-05-13
In the Linux kernel, the following vulnerability has been resolved: arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS faults contpte_ptep_set_access_flags() compared the gathered ptep_get() value against the requested entry…
- CVE-2026-44186HIGHCVSS 7.3EG 7.32026-06-08
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server. This issue affects undefined: from 2.4.0 through 2.4.67. Users are rec…
- CVE-2026-44302HIGHCVSS 7.5EG 7.52026-05-12
Snappier is a high performance C# implementation of the Snappy compression algorithm. Prior to 1.3.1, Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes…
- CVE-2026-44740MEDIUMCVSS 6.5EG 6.52026-06-01
Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loops, uncontrolled recursion, or excessive…
- CVE-2026-45864MEDIUMCVSS 5.5EG 5.52026-05-27
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range [valid : pos), if valid cannot be retrieved correctly, fo…
- CVE-2026-45919MEDIUMCVSS 5.5EG 5.52026-05-27
In the Linux kernel, the following vulnerability has been resolved: sched/rt: Skip currently executing CPU in rto_next_cpu() CPU0 becomes overloaded when hosting a CPU-bound RT task, a non-CPU-bound RT task, and a CFS task stuck in kerne…
- CVE-2026-4598HIGHCVSS 7.5EG 7.52026-03-23
Versions of the package jsrsasign before 11.1.1 are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative inputs, allowing an attacker to hang the …
- CVE-2026-46146CVSS 0.0EG 5.52026-05-28
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() The convert_chmap_v3() has a loop with its increment size of cs_desc->wLength, but we forgot to valid…
- CVE-2026-46314MEDIUMCVSS 5.5EG 5.52026-06-08
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3d_get_extensions() walks a userspace-provided singly-linked list of ioctl extensions without any bou…
- CVE-2026-46385HIGHCVSS 7.5EG 8.72026-05-18
iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state inside the loop body. Reader.ReadBlockHeade…
- CVE-2026-46521MEDIUMCVSS 5.5EG 5.52026-05-18
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing chec…
- CVE-2026-46522HIGHCVSS 7.5EG 7.52026-05-18
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in C…
- CVE-2026-47066HIGHCVSS 7.5EG 7.52026-05-25
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in benoitc hackney allows Excessive Allocation. The Alt-Svc response header parser in src/hackney_altsvc.erl does not guarantee forward progress. When parse_token/2 recei…
- CVE-2026-48733MEDIUMCVSS 4.7EG 4.72026-06-10
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue ha…
- CVE-2026-4890HIGHCVSS 7.5EG 7.52026-05-11
A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.
- CVE-2026-48986MEDIUMCVSS 4.7EG 4.72026-06-18
pam_usb provides hardware authentication for Linux using removable media. In pam_usb 0.9.1 and earlier, usb_get_process_parent_id() can cause an infinite loop DoS because it does not initialize *ppid on failure. In pusb_local_login(), the …
- CVE-2026-49017HIGHCVSS 7.1EG 7.12026-05-27
In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-ser…
- CVE-2026-49495MEDIUMCVSS 5.5EG 5.52026-06-10
Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the ex…
- CVE-2026-52921MEDIUMCVSS 5.5EG 5.52026-06-24
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash:* range iteration at end The following hash set variants: hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net iterate IPv4 ranges wi…
- CVE-2026-52933HIGHCVSS 7.8EG 7.82026-06-24
In the Linux kernel, the following vulnerability has been resolved: io_uring/poll: fix signed comparison in io_poll_get_ownership() io_poll_get_ownership() uses a signed comparison to check whether poll_refs has reached the threshold for…
- CVE-2026-53312MEDIUMCVSS 5.5EG 5.52026-06-26
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather->end of ULONG_MAX, but if this happens…
Map vulnerabilities like CWE-835 to your infrastructure
EchelonGraph correlates every CVE — across CWE-835 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →