CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,312 vulnerabilities with CWE-122
CVE-2026-31883 MEDIUM
FreeRDP <3.24.0 - Heap Buffer Overflow
CVSS 6.5
CVE-2026-31806 CRITICAL
FreeRDP <3.24.0 - Memory Corruption
CVSS 9.8
CVE-2026-27940 HIGH
llama.cpp <b8146 - Memory Corruption
CVSS 7.8
CVE-2026-3994 MEDIUM
mold up to 2.40.4 - Heap-Based Buffer Overflow in Object File Handler
CVSS 5.3
CVE-2026-3931 HIGH
Google Chrome <146.0.7680.71 - Buffer Overflow
CVSS 8.8
CVE-2026-3915 HIGH
Google Chrome <146.0.7680.71 - Buffer Overflow
CVSS 8.8
CVE-2026-3913 HIGH
Google Chrome <146.0.7680.71 - Buffer Overflow
CVSS 8.8
CVE-2026-1652 MEDIUM
Lenovo Virtual Bus Driver - Buffer Overflow
CVSS 6.1
CVE-2026-31853 MEDIUM
ImageMagick <7.1.2-16/<6.9.13-41 - Buffer Overflow
CVSS 5.7
CVE-2026-27271 HIGH
Illustrator <=30.1 - Buffer Overflow
CVSS 7.8
CVE-2026-3845 HIGH
Firefox for Android <148.0.2 - Buffer Overflow
CVSS 8.8
CVE-2026-31796 HIGH
iccDEV <2.3.1.5 - Memory Corruption
CVSS 7.8
CVE-2026-30985 HIGH
iccDEV <2.3.1.5 - Memory Corruption
CVSS 7.8
CVE-2026-30982 MEDIUM
iccDEV <2.3.1.5 - Memory Corruption
CVSS 6.1
CVE-2026-30979 HIGH
iccDEV <2.3.1.5 - Memory Corruption
CVSS 7.8
CVE-2026-26111 HIGH
Windows Server 2012-2025, Windows 10/11 - Authenticated RCE via Integer Overflow in RRAS
CVSS 8.0
CVE-2026-26108 HIGH
Microsoft Office Excel - Buffer Overflow
CVSS 7.8
CVE-2026-25188 HIGH
Windows Telephony Service - Privilege Escalation
CVSS 8.8
CVE-2026-25173 HIGH
Windows 10/11 Multiple Versions - Remote Code Execution via Integer Overflow in RRAS
CVSS 8.0
CVE-2026-25172 HIGH
Windows Server 2012, 2016, 2019, 2022, 2025 - Authenticated RCE via Integer Overflow in RRAS
CVSS 8.0
CVE-2026-24288 MEDIUM
Windows Mobile Broadband - Buffer Overflow
CVSS 6.8
CVE-2026-24283 HIGH
Windows File Server - Privilege Escalation
CVSS 8.8
CVE-2026-23665 HIGH
Azure Linux VM - Privilege Escalation
CVSS 7.8
CVE-2026-30937 MEDIUM
ImageMagick <7.1.2-16/6.9.13-41 - Memory Corruption
CVSS 6.8
CVE-2026-30936 MEDIUM
ImageMagick <7.1.2-16/6.9.13-41 - Memory Corruption
CVSS 5.5
Details
Vulnerabilities 2,312
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits