7 matches found
CVE-2026-40007
Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...
CVE-2026-40007 Apache IoTDB: Unauthenticated unbounded recursion in IoTDB AirGap receiver's E-language prefix parser causes per-connection StackOverflowError
Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...
CVE-2026-40007
Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...
EUVD-2026-42835
Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...
CVE-2026-40006 Apache IoTDB: Unauthenticated heap-exhaustion DoS via unbounded allocation in IoTDB AirGap pipe receiver
Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no...
CVE-2026-40006
Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no...
EUVD-2026-42834
Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no...