CVE-2026-45740

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.8 and 8.2.0, protobufjs could recurse without a depth limit while expanding nested JSON descriptors through Root.fromJSON and Namespace.addJSON. A crafted JSON descriptor with deeply nested namespace definitions...

CVE-2026-6811

Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is not MongoDB Server...

CVE-2026-44289

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs could recurse without a depth limit while decoding nested protobuf data. This affected both skipping unknown group fields and generated decoding of nested message fields. A crafted protobuf...

CVE-2026-7453

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...

libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c

A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map', leading to stack exhaustion and a local denial of service...

GHSA-C2P3-7M5P-CV8X Symfony hardened the parser when handling untrusted input

Description Symfony\Component\Yaml\Parser is the entry point for parsing YAML strings into PHP values via Yaml::parse. When the parser is exposed to attacker-controlled input, deeply nested mappings or sequences cause both the block-level Parser::parseBlock and inline Inline::parseSequence /...

PT-2026-44146

Description SymfonyComponentYamlParser is the entry point for parsing YAML strings into PHP values via Yaml::parse. When the parser is exposed to attacker-controlled input, deeply nested mappings or sequences cause both the block-level Parser::parseBlock and inline Inline::parseSequence /...

CVE-2026-7453

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...

CVE-2026-7453

CVE-2026-7453 : A memory exhaustion issue occurs when parsing a malicious WRL file in Autodesk 3ds Max, causing a stack exhaustion and denial-of-service. The NVD entry confirms the description and lists a CVSSv3.1 base score of 5.3 (Medium) with local attack vector, low complexity, no privileges,...

CVE-2026-7453 WRL File Parsing Memory Exhaustion in Autodesk 3ds Max

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...

EUVD-2026-31914

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...

CVE-2026-7453

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...

PT-2026-43361

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via Unbounded Recursion in Nested Blocks, Sequences, and Mappings. Symfony\Component\Yaml\Parser is the entry point for parsing YAML strings into PHP values via Yaml::parse. When the parser is exposed to...

Astra Linux - уязвимость в expat

In Expat also known as libexpat, before version 2.4.5, an attacker could trigger stack exhaustion in buildmodel by using a large nesting depth in the DTD element...

Astra Linux - уязвимость в binutils

A issue was discovered in cp-demangle.c within GNU libiberty, as part of the GNU Binutils 2.31 package. This issue involves stack exhaustion during the C++ demangling functions provided by libiberty. There is also a stack consumption problem caused by recursive stack frames: cplusdemangletype,...

Astra Linux - уязвимость в golang-1.19

Calling any of the Parse functions in Go source code that contains deeply nested literals can cause a panic due to stack exhaustion...

Astra Linux - уязвимость в libcroco

In libcroco version 0.6.13, there is excessive recursion in the cr parser function cr parserparseanycore in cr-parser.c, resulting in stack consumption...

Astra Linux - уязвимость в golang-1.19

Calling Decoder.Decode on a message that contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

Uncontrolled Recursion

Overview sqlfluffrs is a The SQL Linter for Humans Affected versions of this package are vulnerable to Uncontrolled Recursion through the ParseContext and parser recursion in the SQL parser components. An attacker can exhaust parser stack depth and force repeated parse failures by supplying deepl...