By weakness (CWE)
CWE-704: related vulnerabilities
CVEs classified under CWE-704. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
1 published vulnerability
- CVE-2026-45685HIGH 7.5
OpenTelemetry eBPF Instrumentation versions 0.1.0 through 0.8.x contain a denial-of-service vulnerability in their MongoDB wire protocol parser. An attacker on the network can send specially crafted MongoDB messages to crash the telemetry agent without needing authentication or user interaction. When the malformed message reaches the parser, it triggers an unhandled panic that terminates telemetry collection for the affected process or entire node. This is a remote, unauthenticated attack that requires only network access to the listening port.