CWE-1050: Excessive Platform Resource Consumption within a Loop
The product has a loop body or loop condition that contains a control element that directly or indirectly consumes platform resources, e.g. messaging, sessions, locks, or file descriptors.
Last updated
Overview
CWE-1050 (Excessive Platform Resource Consumption within a Loop) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
11 recorded CVEs are caused by CWE-1050 (Excessive Platform Resource Consumption within a Loop). The highest-severity and most recent are shown first. 4 new CWE-1050 CVEs have been recorded so far in 2026 (3 in 2025).
- CVE-2026-4634
Keycloak: keycloak: denial of service via excessive processing of openid connect scope parameters
High · CVSS 7.5 · EPSS 41th2026-04-02 - CVE-2025-67419High · CVSS 7.5 · EPSS 21th2026-01-05
- CVE-2025-48866
ModSecurity has possible DoS vulnerability in sanitiseArg action
High · CVSS 7.5 · EPSS 52th2025-06-02