
CVE-2025-48367 – Redis DoS Vulnerability due to bad connection error handling
https://notcve.org/view.php?id=CVE-2025-48367
07 Jul 2025 — An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. • https://github.com/redis/redis/commit/bde62951accfc4bb0a516276fd0b4b307e140ce2 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2025-6712 – MongoDB Server may be susceptible to DoS due to Accumulated Memory Allocation
https://notcve.org/view.php?id=CVE-2025-6712
07 Jul 2025 — MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition is linked to inefficiencies in memory management related to internal operations. In scenarios where certain internal processes persist longer than anticipated, memory consumption can increase, potentially impacting server stability and availability. This issue affects MongoDB Server v8.0 versions prior to 8.0.10 • https://jira.mongodb.org/browse/SERVER-106751 • CWE-400: Uncontrolled Resource Consumption •

CVE-2025-5472 – Denial of Service via Uncontrolled Recursive JSON Parsing in JSONReader in run-llama/llama_index
https://notcve.org/view.php?id=CVE-2025-5472
07 Jul 2025 — This vulnerability allows attackers to trigger a Denial of Service (DoS) by submitting deeply nested JSON structures, leading to a RecursionError and crashing applications. • https://github.com/run-llama/llama_index/commit/c032843a02ce38fd8f284b2aa5a37fd1c17ae635 • CWE-674: Uncontrolled Recursion •

CVE-2025-3264 – Regular Expression Denial of Service (ReDoS) in huggingface/transformers
https://notcve.org/view.php?id=CVE-2025-3264
07 Jul 2025 — A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the `get_imports()` function within `dynamic_module_utils.py`. • https://github.com/huggingface/transformers/commit/0720e206c6ba28887e4d60ef60a6a089f6c1cc76 • CWE-1333: Inefficient Regular Expression Complexity •

CVE-2025-3263 – Regular Expression Denial of Service (ReDoS) in huggingface/transformers
https://notcve.org/view.php?id=CVE-2025-3263
07 Jul 2025 — A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the `get_configuration_file()` function within the `transformers.configuration_utils` module. • https://github.com/huggingface/transformers/commit/0720e206c6ba28887e4d60ef60a6a089f6c1cc76 • CWE-1333: Inefficient Regular Expression Complexity •

CVE-2025-3262 – Regular Expression Denial of Service (ReDoS) in huggingface/transformers
https://notcve.org/view.php?id=CVE-2025-3262
07 Jul 2025 — A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the huggingface/transformers repository, specifically in version 4.49.0. ... This can degrade application performance and potentially result in a denial-of-service (DoS) when handling specially crafted input strings. • https://github.com/huggingface/transformers/commit/0720e206c6ba28887e4d60ef60a6a089f6c1cc76 • CWE-1333: Inefficient Regular Expression Complexity •

CVE-2025-3225 – XML Entity Expansion vulnerability in run-llama/llama_index
https://notcve.org/view.php?id=CVE-2025-3225
07 Jul 2025 — This vulnerability allows an attacker to supply a malicious Sitemap XML, leading to a Denial of Service (DoS) by exhausting system memory and potentially causing a system crash. • https://github.com/run-llama/llama_index/commit/4f6ee062b19212106a2632af9c9521fc7f0a3584 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •

CVE-2024-25177
https://notcve.org/view.php?id=CVE-2024-25177
07 Jul 2025 — LuaJIT through 2.1 has an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (DoS). LuaJIT hasta 2.1 tiene un deshundimiento de IR_FSTORE para metatabla NULL, lo que conduce a una denegación de servicio (DoS). • https://gist.github.com/pwnhacker0x18/a73f560d79f2c3d4011d6c5a2676f04a • CWE-476: NULL Pointer Dereference •

CVE-2025-26780
https://notcve.org/view.php?id=CVE-2025-26780
07 Jul 2025 — The lack of a length check leads to a Denial of Service via a malformed PDCP packet. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-20: Improper Input Validation •

CVE-2025-53604
https://notcve.org/view.php?id=CVE-2025-53604
05 Jul 2025 — The web-push crate before 0.10.3 for Rust allows a denial of service (memory consumption) in the built-in clients via a large integer in a Content-Length header. • https://crates.io/crates/web-push • CWE-130: Improper Handling of Length Parameter Inconsistency •