By weakness (CWE)

CWE-409: related vulnerabilities

CVEs classified under CWE-409. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

1 published vulnerability

  • CVE-2026-44697HIGH 8.6

    Klever-Go versions prior to 1.7.17 contain a remote denial-of-service flaw that allows any network participant to crash validator nodes by sending a single, small network message (under 50 KB). The vulnerable code mishandles decompression of batched data, causing the receiving node to allocate multiple gigabytes of memory unexpectedly, leading to out-of-memory crashes. Because validators are critical to blockchain operation, an attacker can disrupt the entire Klever network's ability to process transactions and reach consensus. The attack requires no authentication and can be executed from any peer on the network.