In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. I…

CVE-2026-7598HIGHCVSS 7.3EG 7.3

2026-05-01

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow. T…

CVE-2026-8295MEDIUMCVSS 6.9EG 6.9

2026-05-14

An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "string_builder::escape_and_append()" when processing very large input strings on platforms with limited "size_t" width (e.…

CVE-2026-8631CRITICALCVSS 9.8EG 9.8

2026-05-20

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups pro…

CVE-2026-8949HIGHCVSS 7.5EG 7.5

2026-05-19

Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

CVE-2026-8956CRITICALCVSS 9.8EG 9.8

2026-05-19

Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

CVE-2026-9882MEDIUMCVSS 6.5EG 4.3

2026-05-28

Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Critical)

CWE-190— Integer Overflow or Wraparound

CVEs classified under CWE-190page 57 of 57

Map vulnerabilities like CWE-190 to your infrastructure