CWE-190 — Integer Overflow or Wraparound
2,807 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-190 (page 54 of 57)
- CVE-2026-11281 | MEDIUM | CVSS 5.0 | EG 0.0 | 2026-06-04
Integer overflow in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted ETW event. (Chromium security severity: Low)
- CVE-2026-11290 | MEDIUM | CVSS 5.0 | EG 0.0 | 2026-06-04
Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. (Chromium security severity: Low)
- CVE-2026-11299 | MEDIUM | CVSS 6.5 | EG 0.0 | 2026-06-04
Integer overflow in Fonts in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)
- CVE-2026-1464 | MEDIUM | CVSS 4.6 | EG 0.0 | 2026-01-27
Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager (app/src/main/java/org/apache/commons/compress/archivers/tar modules). This vulnerability is associated with program files TarUtils.Java. This issue affects AppManag…
- CVE-2026-20025 | MEDIUM | CVSS 6.8 | EG 6.8 | 2026-03-04
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To e…
- CVE-2026-20446 | MEDIUM | CVSS 4.3 | EG 4.3 | 2026-04-07
In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service, if an attacker has physical access to the device, with User execution privileges needed. User interaction is not n…
- CVE-2026-20753 | HIGH | CVSS 8.7 | EG 8.7 | 2026-05-12
Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may pot…
- CVE-2026-20884 | HIGH | CVSS 8.1 | EG 8.1 | 2026-04-07
An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vu…
- CVE-2026-20889 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-04-07
A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger th…
- CVE-2026-21321 | HIGH | CVSS 7.8 | EG 7.8 | 2026-02-10
After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction …
- CVE-2026-21347 | HIGH | CVSS 7.8 | EG 7.8 | 2026-02-10
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interacti…
- CVE-2026-21353 | HIGH | CVSS 7.8 | EG 7.8 | 2026-02-10
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction …
- CVE-2026-21354 | MEDIUM | CVSS 5.5 | EG 5.5 | 2026-02-10
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or bec…
- CVE-2026-21485 | HIGH | CVSS 8.8 | EG 8.8 | 2026-01-06
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are prone to have Undefined Behavior (UB) and Out of Memory errors. This issue is fixed in version 2.3.1.2.
- CVE-2026-21486 | HIGH | CVSS 7.8 | EG 7.8 | 2026-01-06
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below contain Use After Free, Heap-based Buffer Overflow and Integer Overflow or Wraparound and Out-of-bounds Write vulnerabi…
- CVE-2026-21673 | HIGH | CVSS 7.8 | EG 7.8 | 2026-01-06
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have overflows and underflows in CIccXmlArrayType::ParseTextCountNum(). This vulnerability affects users of the iccDEV l…
- CVE-2026-21688 | HIGH | CVSS 8.8 | EG 8.8 | 2026-01-07
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in …
- CVE-2026-21689 | MEDIUM | CVSS 6.5 | EG 6.5 | 2026-01-07
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in …
- CVE-2026-22801 | MEDIUM | CVSS 6.8 | EG 6.8 | 2026-01-12
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions …
- CVE-2026-23833 | HIGH | CVSS 7.5 | EG 7.5 | 2026-01-19
ESPHome is a system to control microcontrollers remotely through Home Automation systems. In versions 2025.9.0 through 2025.12.6, an integer overflow in the API component's protobuf decoder allows denial-of-service attacks when API encrypt…
- CVE-2026-23876 | HIGH | CVSS 8.1 | EG 8.1 | 2026-01-20
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer overflow vulnerability in the XBM image decoder (ReadXBMImage) allows an attacker to wri…
- CVE-2026-24173 | HIGH | CVSS 7.5 | EG 7.5 | 2026-04-07
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service.
- CVE-2026-24210 | HIGH | CVSS 7.5 | EG 7.5 | 2026-05-20
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to denial of service.
- CVE-2026-24214 | HIGH | CVSS 8.0 | EG 8.0 | 2026-05-20
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, or denial of service.
- CVE-2026-24403 | HIGH | CVSS 7.1 | EG 7.1 | 2026-01-24
iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, an integer overflow vulnerability exists in icValidateStatus CIccProfile::CheckHeader() when…
- CVE-2026-24450 | HIGH | CVSS 8.1 | EG 8.1 | 2026-04-07
An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger…
- CVE-2026-24660 | HIGH | CVSS 8.1 | EG 8.1 | 2026-04-07
A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger th…
- CVE-2026-24808 | HIGH | CVSS 8.3 | EG 0.0 | 2026-01-27
Integer Overflow or Wraparound vulnerability in RawTherapee (rtengine modules). This vulnerability is associated with program files dcraw.Cc. This issue affects RawTherapee: through 5.11.
- CVE-2026-24814 | CRITICAL | CVSS 10.0 | EG 0.0 | 2026-01-27
Integer Overflow or Wraparound vulnerability in swoole swoole-src (thirdparty/hiredis modules). This vulnerability is associated with program files sds.C. This issue affects swoole-src: before 6.0.2.
- CVE-2026-24830 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-01-27
Integer Overflow or Wraparound vulnerability in Ralim IronOS. This issue affects IronOS: before v2.23-rc2.
- CVE-2026-24875 | HIGH | CVSS 7.8 | EG 7.8 | 2026-01-27
Integer Overflow or Wraparound vulnerability in yoyofr modizer. This issue affects modizer: before 4.1.1.
- CVE-2026-24889 | MEDIUM | CVSS 5.3 | EG 5.3 | 2026-01-28
soroban-sdk is a Rust SDK for Soroban contracts. Arithmetic overflow can be triggered in the `Bytes::slice`, `Vec::slice`, and `Prng::gen_range` (for `u64`) methods in the `soroban-sdk` in versions up to and including `25.0.1`, `23.5.1`, a…
- CVE-2026-25208 | HIGH | CVSS 8.1 | EG 8.1 | 2026-04-13
Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
- CVE-2026-25210 | MEDIUM | CVSS 6.9 | EG 6.9 | 2026-01-30
In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.
- CVE-2026-26134 | HIGH | CVSS 7.8 | EG 7.8 | 2026-03-10
Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.
- CVE-2026-26178 | HIGH | CVSS 8.8 | EG 8.8 | 2026-04-14
Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally.
- CVE-2026-27781 | LOW | CVSS 3.3 | EG 3.3 | 2026-05-19
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS.
- CVE-2026-28214 | MEDIUM | CVSS 6.5 | EG 6.5 | 2026-04-17
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize() function can overflow the totalLength value when parsing a Wide type clumplet, causing an…
- CVE-2026-28532 | MEDIUM | CVSS 6.5 | EG 6.5 | 2026-04-30
FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t accumulator variable truncates uint32_t values returned by the TLV_SIZE() macro,…
- CVE-2026-28952 | HIGH | CVSS 7.5 | EG 7.5 | 2026-05-11
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to cause unexpected system termination.
- CVE-2026-31412 | MEDIUM | CVSS 5.5 | EG 5.5 | 2026-04-10
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() The `check_command_size_in_blocks()` function calculates the data size in b…
- CVE-2026-31491 | MEDIUM | CVSS 5.5 | EG 5.5 | 2026-04-22
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Harden depth calculation functions An issue was exposed where OS can pass in U32_MAX for SQ/RQ/SRQ size. This can cause integer overflow and truncation of SQ…
- CVE-2026-31633 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-04-24
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk_verify_response() In rxgk_verify_response(), there's a potential integer overflow due to rounding up token_len before checking it, th…
- CVE-2026-31648 | HIGH | CVSS 7.8 | EG 7.8 | 2026-04-24
In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nr_pages calculation overflow in filemap_map_pages() When running stress-ng on my Arm64 machine with v7.0-rc3 kernel, I encountered some very strange cr…
- CVE-2026-31649 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-04-24
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode implementation unconditionally computes len = nopaged_len - bmax; where nopaged_len = s…
- CVE-2026-32316 | HIGH | CVSS 8.2 | EG 8.2 | 2026-04-13
jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvp_string_append() and jvp_string_copy_replace_bad functions, where concatenating strings with a combined length exceeding 2^31…
- CVE-2026-32849 | MEDIUM | CVSS 5.5 | EG 5.5 | 2026-05-18
NetBSD prior to commit ec8451e contains a signed integer overflow vulnerability in the cryptodev_op() function in sys/opencrypto/cryptodev.c where the local variable iov_len is declared as a signed int but assigned from an unsigned cop->ds…
- CVE-2026-32952 | MEDIUM | CVSS 5.3 | EG 5.3 | 2026-04-24
go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can cause a slice out of bounds panic, which can crash any Go process using `ntlmssp.Negotiator`…
- CVE-2026-33019 | HIGH | CVSS 7.1 | EG 7.1 | 2026-04-14
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap read in the --crop option handling of img2sixel, where positive coordinate…
- CVE-2026-33020 | HIGH | CVSS 7.1 | EG 7.1 | 2026-04-14
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixel_frame_convert_to_rgb888() in frame.c, where allocation size…