CVE-2026-45680

Published: Giu 02, 2026 Last Modified: Giu 02, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,9
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can become very large, causing the metrics exporter to spend excessive CPU time in a tight loop every collection interval. This issue has been patched in version 0.9.0.

400

Uncontrolled Resource Consumption

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Access Control Other
Potential Impacts:
Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Dos: Resource Consumption (Other) Bypass Protection Mechanism Other
Applicable Platforms
Technologies: Not Technology-Specific, AI/ML
Likelihood of Exploit: High
View CWE Details
834

Excessive Iteration

Incomplete
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Availability
Potential Impacts:
Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Dos: Amplification Dos: Crash, Exit, Or Restart
Applicable Platforms
All platforms may be affected
View CWE Details
https://github.com/open-telemetry/opentelemetry-ebpf-instru…
https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/releases/t…
https://github.com/open-telemetry/opentelemetry-ebpf-instru…
https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/a…