CVE-2026-10533
A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...
CVE-2026-10533 Openshift: openshift: non-admin user can bypass resourcequota and flood etcd with events causing cluster-wide api degradation
A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...
EUVD-2026-33641
A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...
SUSE CVE-2026-40016
An attacker can upload a malicious Sieve script over the ManageSieve service or locally to bypass configured CPU time limits for Sieve, up to 130 times the configured limit. An attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...
CVE-2026-40016
CVE-2026-40016: An attacker can upload a malicious Sieve script via ManageSieve (or local access) to bypass CPU time limits, potentially increasing allowed run time up to 130× the configured limit and degrading server performance. Affected component is the Sieve execution/ManageSieve handling; ro...
oak security vulnerability
oak is an open source middleware framework from oak. A security vulnerability exists in oak version 17.1.5 and earlier: a specially crafted value in the x-forwarded-proto or x-forwarded-for header may cause a degradation in server performance...
Tomcat: WebSocket DoS with incomplete closing handshake
A denial of service (DoS) vulnerability in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can keep WebSocket connections open without proper termination, causing a sustained drain on system resources. This vulnerability...
Sorare: Circular based introspection Query leading to single request denial of service and cost consumption and query cost on api.sorare.com/graphql
The Sorare GraphQL API has an introspection feature enabled by default, which allows developers to explore the API's schema. However, due to a lack of depth limits, an attacker can execute a circular introspection query that leads to a single request denial of service, affecting both the...
CVE-2020-8616
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral...
Legal Robot: No length limit in invite_code can cause server degradation
Hi Team, I got to know that every field is secured by a restricted limit on length, but I can see one place where you forgot to add that security feature, which can cause server degradation. https://app.legalrobot-uat.com/dmca-safe-harbor Here, I can see a feature to add invite-code, but I...