CWE-190: Integer Overflow or Wraparound — known CVE vulnerabilities
CVEs classified under CWE-190 (Integer Overflow or Wraparound), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2026-4689 — CVSS 10.0 (critical): Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149…
CVE-2026-24814: Integer Overflow or Wraparound vulnerability in swoole swoole-src (thirdparty/hiredis modules). This vulnerability is associated with…
CVE-2025-64721 — CVSS 10.0 (critical): Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.6 and below, the…
CVE-2015-5108 — CVSS 10.0 (critical): Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before…
CVE-2015-5097 — CVSS 10.0 (critical): Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before…
CVE-2013-2555 — CVSS 10.0 (critical): Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x…
CVE-2012-5143 — CVSS 10.0 (critical): Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified…
CVE-2012-5835 — CVSS 10.0 (critical): Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0…
CVE-2010-3254 — CVSS 10.0 (critical): The WebSockets implementation in Google Chrome before 6.0.472.53 does not properly handle integer values, which allows remote attackers to…
CVE-2010-1233 — CVSS 10.0 (critical): Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving…
CVE-2008-2663 — CVSS 10.0 (critical): Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and…
CVE-2020-27484 — CVSS 9.9 (critical): Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the…
CVE-2026-14544 — CVSS 9.8 (critical): A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a…
CVE-2026-46039 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential…
CVE-2026-48691 — CVSS 9.8 (critical): FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS_PATH attribute encoder. In src/bgp_protocol.hpp, the…
CVE-2026-8631 — CVSS 9.8 (critical): A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may…
CVE-2026-8956 — CVSS 9.8 (critical): Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and…
CVE-2026-42217 — CVSS 9.8 (critical): OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture…
CVE-2026-31649 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm()…
CVE-2026-31633 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk_verify_response() In…
CVE-2026-20889 — CVSS 9.8 (critical): A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b. A specially crafted…
CVE-2026-30909 — CVSS 9.8 (critical): Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows. bin2hex, encrypt, aes256gcm_encrypt_afternm and seal…
CVE-2026-2781 — CVSS 9.8 (critical): Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148…
CVE-2026-2774 — CVSS 9.8 (critical): Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8…
CVE-2026-2762 — CVSS 9.8 (critical): Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird…
CVE-2025-14308 — CVSS 9.8 (critical): An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly…
CVE-2025-27918 — CVSS 9.8 (critical): An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for…
CVE-2025-54957 — CVSS 9.8 (critical): An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decoder process can occur when a malformed DD+ bitstream is…
CVE-2025-53518 — CVSS 9.8 (critical): An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch…
CVE-2025-52581 — CVSS 9.8 (critical): An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch…
CVE-2025-30405 — CVSS 9.8 (critical): An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area…
CVE-2025-30404 — CVSS 9.8 (critical): An integer overflow vulnerability in the loading of ExecuTorch models can cause overlapping allocations, potentially resulting in code…
CVE-2025-49710 — CVSS 9.8 (critical): An integer overflow was present in `OrderedHashTable` used by the JavaScript engine. This vulnerability was fixed in Firefox 139.0.4.
CVE-2025-3277 — CVSS 9.8 (critical): An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a…
CVE-2025-0838 — CVSS 9.8 (critical): There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of…
CVE-2023-34399 — CVSS 9.8 (critical): Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized…
CVE-2024-40765 — CVSS 9.8 (critical): An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of…
CVE-2024-50944 — CVSS 9.8 (critical): Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart…
CVE-2024-47537 — CVSS 9.8 (critical): GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by…
CVE-2024-36671 — CVSS 9.8 (critical): nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the getnum function at /modules/struct.c.
CVE-2024-11236 — CVSS 9.8 (critical): In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on…
CVE-2024-43091 — CVSS 9.8 (critical): In filterMask of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code…
CVE-2024-46613 — CVSS 9.8 (critical): WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items…
CVE-2024-46483 — CVSS 9.8 (critical): Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap…
CVE-2024-45492 — CVSS 9.8 (critical): An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit…
CVE-2024-45491 — CVSS 9.8 (critical): An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms…
CVE-2024-30949 — CVSS 9.8 (critical): An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function.
CVE-2024-41184 — CVSS 9.8 (critical): In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record…