Description
The product does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests.
Extended Description
This can allow the actor to perform actions more frequently than expected. The actor could be a human or an automated process such as a virus or bot. This could be used to cause a denial of service, compromise program logic (such as limiting humans to a single vote), or other consequences. For example, an authentication routine might not limit the number of times an attacker can guess a password. Or, a web site might conduct a poll but only expect humans to vote a maximum of once a day.
CVE vulnerabilities with CWE-799 (69)
9.8
CVSS
CRITICAL
CVE-2025-54321
pub. 2025-11-18
8.8
CVSS
HIGH
CVE-2024-6890
pub. 2024-08-07
8.7
CVSS
HIGH
CVE-2024-45788
pub. 2024-09-11
8.7
CVSS
HIGH
CVE-2024-32943
pub. 2024-06-20
8.7
CVSS
HIGH
CVE-2024-35246
pub. 2024-06-20
8.2
CVSS
HIGH
CVE-2025-29998
pub. 2025-03-13
8.1
CVSS
HIGH
CVE-2026-7402
pub. 2026-04-30
8.1
CVSS
HIGH
CVE-2026-32729
pub. 2026-03-16
8.1
CVSS
HIGH
CVE-2026-24017
pub. 2026-03-10
8.1
CVSS
HIGH
CVE-2021-41177
pub. 2021-10-25
7.5
CVSS
HIGH
CVE-2023-35621
pub. 2023-12-12
7.1
CVSS
HIGH
CVE-2026-5233
pub. 2026-06-15
7.1
CVSS
HIGH
CVE-2024-51557
pub. 2024-11-04
7.1
CVSS
HIGH
CVE-2024-47654
pub. 2024-10-04
6.9
CVSS
MEDIUM
CVE-2026-41343
pub. 2026-04-23
6.9
CVSS
MEDIUM
CVE-2026-22216
pub. 2026-03-13
6.9
CVSS
MEDIUM
CVE-2026-30972
pub. 2026-03-10
6.9
CVSS
MEDIUM
CVE-2025-32378
pub. 2025-04-09
6.5
CVSS
MEDIUM
CVE-2024-8475
pub. 2024-12-17
6.5
CVSS
MEDIUM
CVE-2023-40673
pub. 2024-06-04
Showing 20 of 69 vulnerabilities