CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-14435 – Application-Level DoS via infinite re-render loop in user profile handling
https://notcve.org/view.php?id=CVE-2025-14435
16 Jan 2026 — Mattermost versions 10.11.x <= 10.11.8, 11.1.x <= 11.1.1, 11.0.x <= 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops. • https://mattermost.com/security-updates • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-14822 – DoS from quadratic complexity in model.ParseHashtags
https://notcve.org/view.php?id=CVE-2025-14822
16 Jan 2026 — Mattermost versions 10.11.x <= 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands space-separated tokens • https://mattermost.com/security-updates • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-71020
https://notcve.org/view.php?id=CVE-2025-71020
16 Jan 2026 — This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. • https://github.com/0-fool/VulnbyCola/blob/main/Tenda/AX-1806/5/1.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-51602
https://notcve.org/view.php?id=CVE-2025-51602
16 Jan 2026 — mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server. • https://code.videolan.org/videolan/vlc/-/issues/29146 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-70746
https://notcve.org/view.php?id=CVE-2025-70746
16 Jan 2026 — This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. • https://github.com/0-fool/VulnbyCola/blob/main/Tenda/AX-1806/4/1.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-47815 – Nsauditor 3.2.3 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2021-47815
15 Jan 2026 — Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. • https://www.vulncheck.com/advisories/nsauditor-denial-of-service-poc • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-47814 – NBMonitor 1.6.8 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2021-47814
15 Jan 2026 — NBMonitor 1.6.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. • https://www.vulncheck.com/advisories/nbmonitor-denial-of-service-poc • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-47813 – Backup Key Recovery 2.2.7 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2021-47813
15 Jan 2026 — Backup Key Recovery 2.2.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. • https://www.vulncheck.com/advisories/backup-key-recovery-denial-of-service-poc • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2021-47798 – NoteBurner 2.35 - Denial Of Service (DoS) (PoC)
https://notcve.org/view.php?id=CVE-2021-47798
15 Jan 2026 — NoteBurner 2.35 contains a buffer overflow vulnerability in the license code input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload and paste it into the 'Name' and 'Code' fields to trigger an application crash. • https://www.vulncheck.com/advisories/noteburner-denial-of-service-dos-poc • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-47797 – Media 11.0.0.1 - Denial of Service (DoS) (PoC)
https://notcve.org/view.php?id=CVE-2021-47797
15 Jan 2026 — Media 11.0.0.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized payload in the activation keycode field. • https://www.vulncheck.com/advisories/leawo-prof-media-denial-of-service-dos-poc • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •