CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,311 vulnerabilities with CWE-122
CVE-2026-42831 HIGH
Microsoft Office Remote Code Execution Vulnerability
CVSS 7.8
CVE-2026-41096 CRITICAL
Microsoft Windows 11 version 22H3 - Windows DNS Client Remote Code Execution Vulnerability
CVSS 9.8
CVE-2026-40407 HIGH
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-40403 HIGH
Microsoft Windows 10 Version 1607 - Windows Graphics Component Remote Code Execution Vulnerability
CVSS 8.8
CVE-2026-40398 HIGH
Microsoft Windows 10 Version 1607 - Windows Remote Desktop Services Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-40380 MEDIUM
Windows Volume Manager Extension Driver Remote Code Execution Vulnerability
CVSS 6.2
CVE-2026-40377 HIGH
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-40364 HIGH
Microsoft Word Remote Code Execution Vulnerability
CVSS 8.4
CVE-2026-40363 HIGH
Microsoft Office Remote Code Execution Vulnerability
CVSS 8.4
CVE-2026-40362 HIGH
Microsoft Excel Remote Code Execution Vulnerability
CVSS 7.8
CVE-2026-35421 HIGH
Microsoft Windows GDI - Heap Buffer Overflow Remote Code Execution
CVSS 7.8
CVE-2026-35420 HIGH
Microsoft Windows Server 2012 - Windows Kernel Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-34687 HIGH
Illustrator | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-34642 HIGH
After Effects | Heap-based Buffer Overflow (CWE-122)
CVSS 7.8
CVE-2026-34343 HIGH
Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-34336 HIGH
Microsoft Windows 10 Version 1607 - Windows DWM Core Library Information Disclosure Vulnerability
CVSS 7.8
CVE-2026-34329 HIGH
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVSS 8.8
CVE-2026-33841 HIGH
Microsoft Windows 10 Version 21H2 - Windows Kernel Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-33837 HIGH
Microsoft Windows 10 Version 1607 - Windows TCP/IP Local Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-32177 HIGH
Microsoft .NET - Heap Buffer Overflow Privilege Escalation
CVSS 7.3
CVE-2026-42046 HIGH
libcaca: Heap OOB write in canvas import functions caused by int overflow
CVSS 7.8
CVE-2026-8261 MEDIUM
Squirrel sqobject.cpp Load heap-based overflow
CVSS 5.9
CVE-2026-8213 MEDIUM
OSGeo gdal Grid File GDapi.c GDSDfldsrch heap-based overflow
CVSS 5.3
CVE-2026-8212 MEDIUM
OSGeo gdal SWapi.c SWSDfldsrch heap-based overflow
CVSS 5.3
CVE-2026-42309 MEDIUM
Pillow: Heap buffer overflow with nested list coordinates
CVSS 5.5
Details
Vulnerabilities 2,311
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits