CVE-2026-45680

Name: CVE-2026-45680 — Vulnerability Record
Brand: Quanteta Data Lab
SKU: CVE-2026-45680

MEDIUM

CVSS v3.1: 5.9

NetworkNo privilegesNo user interactionResource Exhaustion (DoS)Vendor advisory ref

Source data as of: 2026-06-03 05:00:11 UTC

At a glance

Severity: MEDIUM
CVSS: 5.9 v3.1 · NVD
EPSS: EPSS not provided by FIRST.org for this CVE
CISA KEV: No
Type: Resource Exhaustion (DoS) · NVD CWE
Attack conditions (CVSS vector): NetworkNo privilegesNo user interaction · Source: NVD Vector
Published: 2026-06-02 · Modified: 2026-06-02
References: Jump to references (2)

CVSS / EPSS / KEV

CVSS v3.1 5.9 / 10 MEDIUM Source: NVD

EPSS — EPSS not provided by FIRST.org for this CVE Source: FIRST.org

CISA KEV No Source: CISA

Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources

Description

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can become very large, causing the metrics exporter to spend excessive CPU time in a tight loop every collection interval. This issue has been patched in version 0.9.0.

Record details

CVE ID: CVE-2026-45680
CVSS (v3.1): 5.9 (MEDIUM)
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability subscore: 2.2
Impact subscore: 3.6
CISA KEV: No
Weakness (CWE): CWE-400, CWE-834
Affected configurations (CPE): 0
Published: 2026-06-02
Modified: 2026-06-02
Status: Undergoing Analysis

References

Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.

← Back to all records

CVE-2026-45680

At a glance

CVSS / EPSS / KEV

Description

Record details

References

Related records

Same weakness type (CWE)

Published the same year