CWE-606: Unchecked Input for Loop Condition
The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping.
Last updated
Overview
CWE-606 (Unchecked Input for Loop Condition) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
19 recorded CVEs are caused by CWE-606 (Unchecked Input for Loop Condition). The highest-severity and most recent are shown first. 6 new CWE-606 CVEs have been recorded so far in 2026 (5 in 2025).
- CVE-2026-27689
Denial of service (DOS) in SAP Supply Chain Management
High · CVSS 7.72026-03-10 - CVE-2026-23689
Denial of service (DOS) in SAP Supply Chain Management
High · CVSS 7.72026-02-10 - CVE-2026-1519
Excessive NSEC3 iterations cause high CPU load during insecure delegation validation
High · CVSS 7.52026-03-25