CWE-190 · Integer Overflow or Wraparound

3222 CVEs classified under CWE-190 (Integer Overflow or Wraparound). Browse by severity and year.

Top CVEs for CWE-190
CVESeverityScorePublishedSummary
CVE-2026-4689Critical10.02026-03-24Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34…
CVE-2025-64721Critical10.02025-12-11Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.6 and below, the SYSTEM-level servic…
CVE-2026-33642Critical9.92026-05-19Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handle_compose_command() function in kitty/graphics.c performs bounds validatio…
CVE-2020-27484Critical9.92020-11-16Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the at…
CVE-2026-47291Critical9.82026-06-09Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network.
CVE-2026-46039Critical9.82026-05-27In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rx…
CVE-2026-48691Critical9.82026-05-26FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS_PATH attribute encoder. In src/bgp_protocol.hpp, the IPv4UnicastAnnounce…
CVE-2026-8631Critical9.82026-05-20A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of priv…
CVE-2026-8956Critical9.82026-05-19Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
CVE-2026-42217Critical9.82026-05-07OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions…
CVE-2026-31649Critical9.82026-04-24In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode implementatio…
CVE-2026-31633Critical9.82026-04-24In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk_verify_response() In rxgk_verify_response(), there's…
CVE-2026-20889Critical9.82026-04-07A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead t…
CVE-2026-30909Critical9.82026-03-08Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows. bin2hex, encrypt, aes256gcm_encrypt_afternm and seal functions do not che…
CVE-2026-2781Critical9.82026-02-24Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Fir…
CVE-2026-2774Critical9.82026-02-24Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunder…
CVE-2026-2762Critical9.82026-02-24Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbir…
CVE-2026-24830Critical9.82026-01-27Integer Overflow or Wraparound vulnerability in Ralim IronOS.This issue affects IronOS: before v2.23-rc2.
CVE-2025-14308Critical9.82025-12-09An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length…
CVE-2025-27918Critical9.82025-11-06An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and…