By weakness (CWE)

CWE-789: related vulnerabilities

CVEs classified under CWE-789. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

1 published vulnerability

  • CVE-2026-41178MEDIUM 5.3

    OpenTelemetry-Go versions 1.41.0 and 1.43.0 contain a denial-of-service vulnerability in their baggage header parsing logic. The removal of size validation allows attackers to send oversized or malformed baggage headers that cause the application to process arbitrarily large inputs, log excessive errors, and potentially exhaust system resources. This is a network-accessible vulnerability requiring no authentication, making it exploitable by any remote actor.