CWE-410: Insufficient Resource Pool
low-riskThe product's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.
Abstraction: Class
Common Consequences
Availability
→
DoS: Crash, Exit, or Restart
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2025-27479 | 7.5 | 39.5% | — |
| CVE-2022-40224 | 7.5 | 11.7% | — |
| CVE-2022-2048 | 7.5 | 1.3% | — |
| CVE-2022-46679 | 6.5 | 0.5% | — |
| CVE-2018-13815 | 7.5 | 0.5% | — |
| CVE-2021-1615 | 8.6 | 0.4% | — |
| CVE-2019-13921 | 7.5 | 0.4% | — |
| CVE-2022-20937 | 5.3 | 0.4% | — |
| CVE-2019-0056 | 7.5 | 0.4% | — |
| CVE-2025-41653 | 7.5 | 0.3% | — |
6
/ 100
low-risk
Active Threat
6/50 · Minimal
Exploit Availability
0/50 · Minimal