By weakness (CWE)
CWE-191: related vulnerabilities
CVEs classified under CWE-191. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
3 published vulnerabilities
- CVE-2026-46107HIGH 7.8
A bug in the Linux kernel's device mapper thin provisioning layer can cause reference counting errors when managing shared metadata trees. When the kernel tries to reorganize a btree node that has been shared across multiple data structures, it fails to properly track pointers to child nodes, leading to crashes and data unavailability. The flaw occurs specifically in the rebalance_children function during metadata tree operations.
- CVE-2026-37231HIGH 7.5
FlexRIC v2.0.0 contains a counter overflow vulnerability that causes the application identifier (xapp_id) assignment mechanism to generate duplicate IDs after approximately 65,530 registration requests. When a duplicate ID is registered, the iApp component—which listens on port 36422—crashes due to an unhandled collision in its internal data structure. An attacker with network access can systematically trigger this denial-of-service condition by repeatedly initiating E42_SETUP_REQUEST messages to force counter wraparound and subsequent application crashes.
- CVE-2026-35049MEDIUM 6.5
Wire iOS users running versions before 4.16.0 are vulnerable to a denial-of-service attack where a specially crafted message causes the app to crash immediately upon receipt, without any user action required. The crash persists across app restarts, trapping users in a crash loop until they manually clear the app's local data. This affects authenticated users only—the attacker must have messaging access to the target.