Cyber Resilience


CWE-409: Improper Handling of Highly Compressed Data (Data Amplification)

Abstraction: Base · CVEs in our corpus: 69

The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.

An example of data amplification is a "decompression bomb," a small ZIP file that can produce a large amount of data when it is decompressed.

Last updated: 04 July 2026 08:17 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: mostly · 2 mapping(s) from 1 framework(s): ATT&CK 2 (mostly)


NIST 800-53 r5 controls that address this weakness (1) · AI

| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| SC-5 | Denial-of-service Protection | SC | Limits effects of data amplification from compressed or malicious inputs. |

MITRE ATT&CK techniques this weakness enables

Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.

Direction: other covers this; this covers other (F/M/P = full / mostly / partial).

Top CVEs of this weakness type, ranked by Risk Priority

| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2026-27809 | 7.0 | 9.1 | 0.0041 | 2026-02-26 |
| CVE-2026-49975 UPD | 6.0 | 7.5 | 0.1147 | 2026-06-08 |
| CVE-2022-29225 | 5.5 | 7.5 | 0.0144 | 2022-06-09 |
| CVE-2024-28101 UPD | 5.5 | 7.5 | 0.0077 | 2024-03-21 |
| CVE-2024-3572 | 5.5 | 7.5 | 0.0081 | 2024-04-16 |
| CVE-2024-43499 | 5.5 | 7.5 | 0.0256 | 2024-11-12 |
| CVE-2025-30153 | 5.5 | 7.5 | 0.0050 | 2025-03-19 |
| CVE-2024-12886 | 5.5 | 7.5 | 0.0067 | 2025-03-20 |
| CVE-2024-7765 | 5.5 | 7.5 | 0.0072 | 2025-03-20 |
| CVE-2025-58057 UPD | 5.5 | 7.5 | 0.0056 | 2025-09-04 |
| CVE-2025-62708 | 5.5 | 7.5 | 0.0040 | 2025-10-22 |
| CVE-2025-66471 | 5.5 | 7.5 | 0.0062 | 2025-12-05 |
| CVE-2025-66909 | 5.5 | 7.5 | 0.0046 | 2025-12-19 |
| CVE-2025-69223 UPD | 5.5 | 7.5 | 0.0049 | 2026-01-05 |
| CVE-2026-21441 UPD | 5.5 | 7.5 | 0.0267 | 2026-01-07 |
| CVE-2026-22776 | 5.5 | 7.5 | 0.0035 | 2026-01-12 |
| CVE-2026-22870 | 5.5 | 7.5 | 0.0043 | 2026-01-13 |
| CVE-2026-28435 | 5.5 | 7.5 | 0.0042 | 2026-03-04 |
| CVE-2026-1526 UPD | 5.5 | 7.5 | 0.0115 | 2026-03-12 |
| CVE-2026-29785 UPD | 5.5 | 7.5 | 0.0066 | 2026-03-25 |
| CVE-2026-40036 | 5.5 | 7.5 | 0.0051 | 2026-04-08 |
| CVE-2026-40192 UPD | 5.5 | 7.5 | 0.0067 | 2026-04-15 |
| CVE-2026-44432 UPD | 5.5 | 7.5 | 0.0068 | 2026-05-13 |
| CVE-2026-44697 UPD | 5.5 | 8.6 | 0.0038 | 2026-05-29 |
| CVE-2026-10725 UPD | 5.5 | 7.5 | 0.0041 | 2026-06-06 |