CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,311 vulnerabilities with CWE-122
CVE-2026-47652 HIGH
Microsoft Windows 11 version 23H2 - Windows Hyper-V Remote Code Execution Vulnerability
CVSS 8.2
CVE-2026-47635 HIGH
Microsoft Outlook and Word Remote Code Execution Vulnerability
CVSS 8.4
CVE-2026-47291 CRITICAL
Microsoft Windows HTTP.sys - Remote Code Execution via Integer Overflow
CVSS 9.8
CVE-2026-47289 HIGH
Microsoft Windows 10 Version 1607 - Remote Desktop Client Remote Code Execution Vulnerability
CVSS 8.8
CVE-2026-45657 CRITICAL
Microsoft Windows 11 version 23H2 - Windows Kernel Remote Code Execution Vulnerability
CVSS 9.8
CVE-2026-45653 HIGH
Microsoft Windows 10 Version 1607 - Windows Kernel Elevation of Privilege Vulnerability
CVSS 7.0
CVE-2026-45638 HIGH
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-45636 HIGH
Microsoft Windows 10 Version 1607 - Windows NTFS Remote Code Execution Vulnerability
CVSS 7.8
CVE-2026-45475 HIGH
Microsoft Office Remote Code Execution Vulnerability
CVSS 7.8
CVE-2026-45469 HIGH
Microsoft Excel Remote Code Execution Vulnerability
CVSS 7.8
CVE-2026-45466 LOW
Microsoft Word Information Disclosure Vulnerability
CVSS 3.3
CVE-2026-44824 HIGH
Microsoft Office Remote Code Execution Vulnerability
CVSS 7.8
CVE-2026-44819 HIGH
Microsoft Office Remote Code Execution Vulnerability
CVSS 7.8
CVE-2026-44814 MEDIUM
Microsoft Windows 11 version 26H1 - Windows DWM Core Library Information Disclosure Vulnerability
CVSS 5.5
CVE-2026-44811 HIGH
Microsoft Windows 11 version 26H1 - Windows DWM Core Library Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-44808 HIGH
Microsoft Windows 11 version 26H1 - Windows DWM Core Library Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-44799 HIGH
Remote Desktop Client Remote Code Execution Vulnerability
CVSS 7.5
CVE-2026-42993 HIGH
Microsoft Windows 10 Version 21H2 - Remote Desktop Client Remote Code Execution Vulnerability
CVSS 7.5
CVE-2026-42992 HIGH
Microsoft Windows 10 Version 1607 - Remote Desktop Client Remote Code Execution Vulnerability
CVSS 7.5
CVE-2026-42980 HIGH
Microsoft Windows 10 Version 1607 - NT OS Kernel Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-42904 CRITICAL
Microsoft Windows 10 Version 21H2 - Windows TCP/IP Elevation of Privilege Vulnerability
CVSS 9.6
CVE-2026-41108 HIGH
Microsoft Windows 10 Version 1607 - Windows DNS Client Elevation of Privilege Vulnerability
CVSS 7.0
CVE-2026-40404 HIGH
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-24180 HIGH
Nvidia Dali - Heap-based Buffer Overflow
CVSS 7.3
CVE-2026-11792 LOW
389-ds-base: 389-ds-base: heap buffer overflow in audit log password masking (create_masked_entry_string)
CVSS 3.3
Details
Vulnerabilities 2,311
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits