CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,135 vulnerabilities with CWE-122
CVE-2026-6491 MEDIUM
libvips nip2 vips7compat.c im_minpos_vec heap-based overflow
CVSS 5.3
CVE-2026-40504 CRITICAL
Creolabs Gravity < 0.9.6 Heap Buffer Overflow via gravity_vm_exec
CVSS 9.8
CVE-2026-6361 HIGH
Google Chrome < 147.0.7727.101 - Buffer Overflow
CVSS 8.3
CVE-2026-6306 HIGH
Google Chrome < 147.0.7727.101 - Buffer Overflow
CVSS 8.8
CVE-2026-6305 HIGH
Google Chrome < 147.0.7727.101 - Buffer Overflow
CVSS 8.8
CVE-2026-6298 MEDIUM
Google Chrome < 147.0.7727.101 - Buffer Overflow
CVSS 4.3
CVE-2026-6296 CRITICAL
Google Chrome < 147.0.7727.101 - Buffer Overflow
CVSS 9.6
CVE-2026-27301 MEDIUM
Adobe Framemaker | Heap-based Buffer Overflow (CWE-122)
CVSS 5.5
CVE-2026-27293 HIGH
Adobe Framemaker | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-33020 HIGH
libsixel: Integer Overflow in write_png_to_file() leads to Heap-based Buffer Overflow
CVSS 7.1
CVE-2026-34630 HIGH
Bridge | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-27313 HIGH
Bridge | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-27312 HIGH
Bridge | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-27311 HIGH
Bridge | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-27310 HIGH
Bridge | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-34629 HIGH
InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-34628 HIGH
InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-34627 HIGH
InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-32223 MEDIUM
Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability
CVSS 6.8
CVE-2026-32221 HIGH
Windows Graphics Component Remote Code Execution Vulnerability
CVSS 8.4
CVE-2026-32149 HIGH
Windows Hyper-V Remote Code Execution Vulnerability
CVSS 7.3
CVE-2026-32093 HIGH
Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
CVSS 7.0
CVE-2026-32087 HIGH
Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
CVSS 7.0
CVE-2026-26180 HIGH
Windows Kernel Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-26176 HIGH
Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability
CVSS 7.8
Details
Vulnerabilities 2,135
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits