CWE-191— Integer Underflow
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.— MITRE CWE catalog
453 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-191page 7 of 10
- CVE-2024-6285HIGHCVSS 7.5EG 7.52024-06-24
Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses.
- CVE-2025-0727HIGHCVSS 7.5EG 7.52025-02-21
In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Le…
- CVE-2025-0728HIGHCVSS 7.5EG 7.52025-02-21
In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Le…
- CVE-2025-10933MEDIUMCVSS 5.3EG 5.32026-01-05
An integer underflow vulnerability in the Silicon Labs Z-Wave Protocol Controller can lead to out of bounds memory reads.
- CVE-2025-11931HIGHCVSS 8.2EG 8.22025-11-21
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wc_XChaCha20Poly1305_Decrypt() which is not used with TLS connections, only from direct calls from an…
- CVE-2025-14547NONECVSS 0.0EG 2.32026-02-20
An integer underflow vulnerability is present in Silicon Lab’s implementation of PSA Crypto and SE Manager EC-JPAKE APIs during ZKP parsing. Triggering the underflow can lead to a hard fault, causing a temporary denial of service.
- CVE-2025-1924HIGHCVSS 8.2EG 8.22026-02-13
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receive maliciously crafted packets, a DoS attack may cause Vnet/IP communication functions to stop or arbitrary pro…
- CVE-2025-1991HIGHCVSS 7.5EG 7.52025-06-28
IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an integer underflow when processing packets.
- CVE-2025-21122HIGHCVSS 7.8EG 7.82025-01-14
Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue require…
- CVE-2025-21133HIGHCVSS 7.8EG 7.82025-01-14
Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires us…
- CVE-2025-21134HIGHCVSS 7.8EG 7.82025-01-14
Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires us…
- CVE-2025-21135HIGHCVSS 7.8EG 7.82025-01-14
Animate versions 24.0.6, 23.0.9 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user …
- CVE-2025-21156HIGHCVSS 7.8EG 7.82025-02-11
InCopy versions 20.0, 19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user int…
- CVE-2025-21158HIGHCVSS 7.8EG 7.82025-02-11
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue req…
- CVE-2025-21160HIGHCVSS 7.8EG 7.82025-02-11
Illustrator versions 29.1, 28.7.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires use…
- CVE-2025-21276HIGHCVSS 7.5EG 7.52025-01-14
Windows MapUrlToZone Denial of Service Vulnerability
- CVE-2025-21376HIGHCVSS 8.1EG 8.12025-02-11
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
- CVE-2025-2258HIGHCVSS 7.5EG 7.52025-04-06
In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets w…
- CVE-2025-2259HIGHCVSS 7.5EG 7.52025-04-06
In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Le…
- CVE-2025-23335MEDIUMCVSS 4.4EG 4.42025-08-06
NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerability where an attacker could cause an underflow by a specific model configuration and a specific input. A successful exploit of this vulnerab…
- CVE-2025-2523CRITICALCVSS 9.4EG 9.42025-07-10
The Honeywell Experion PKS and OneWireless WDM contains an Integer Underflow vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to a Communication Channel M…
- CVE-2025-2581MEDIUMCVSS 4.3EG 4.32025-03-21
A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launc…
- CVE-2025-26269LOWCVSS 3.3EG 3.32025-04-17
DragonflyDB Dragonfly through 1.28.2 (fixed in 1.29.0) allows authenticated users to cause a denial of service (daemon crash) via a Lua library command that references a large negative integer.
- CVE-2025-29909CRITICALCVSS 9.8EG 9.82025-03-17
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versi…
- CVE-2025-29912CRITICALCVSS 9.8EG 9.82025-03-17
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versi…
- CVE-2025-29913CRITICALCVSS 9.8EG 9.82025-03-17
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critic…
- CVE-2025-29974MEDIUMCVSS 5.7EG 5.72025-05-13
Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.
- CVE-2025-30296HIGHCVSS 7.8EG 7.82025-04-08
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requi…
- CVE-2025-30324HIGHCVSS 7.8EG 7.82025-05-13
Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requi…
- CVE-2025-30356CRITICALCVSS 9.8EG 9.82025-04-01
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In 1.3.3…
- CVE-2025-30668MEDIUMCVSS 6.5EG 6.52025-05-14
Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access.
- CVE-2025-38161MEDIUMCVSS 5.5EG 5.52025-07-03
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction Upon RQ destruction if the firmware command fails which is the last resource to be destroyed some SW r…
- CVE-2025-38200CVSS 0.0EG 5.52025-07-04
In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to a…
- CVE-2025-38463MEDIUMCVSS 5.5EG 5.52025-07-25
In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug [1] where sk->sk_forward_alloc can overflow. When we send data, if an skb exists at …
- CVE-2025-3947HIGHCVSS 8.2EG 8.22025-07-10
The Honeywell Experion PKS contains an Integer Underflow vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in i…
- CVE-2025-39928MEDIUMCVSS 5.5EG 5.52025-10-01
In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: ensure data length is within supported range Add an explicit check for the xfer length to 'rtl9300_i2c_config_xfer' to ensure the data length isn't within …
- CVE-2025-43546HIGHCVSS 7.8EG 7.82025-05-13
Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user i…
- CVE-2025-43555HIGHCVSS 7.8EG 7.82025-05-13
Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user…
- CVE-2025-47097HIGHCVSS 7.8EG 7.82025-07-08
InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user int…
- CVE-2025-47128HIGHCVSS 7.8EG 7.82025-07-08
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requi…
- CVE-2025-47130HIGHCVSS 7.8EG 7.82025-07-08
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requi…
- CVE-2025-47136HIGHCVSS 7.8EG 7.82025-07-08
InDesign Desktop versions 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user…
- CVE-2025-47256MEDIUMCVSS 5.6EG 5.62025-05-06
Libxmp through 4.6.2 has a stack-based buffer overflow in depack_pha in loaders/prowizard/pha.c via a malformed Pha format tracker module in a .mod file.
- CVE-2025-47996HIGHCVSS 7.8EG 7.82025-07-08
Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-48021MEDIUMCVSS 6.5EG 6.52026-02-13
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and ve…
- CVE-2025-49112LOWCVSS 3.1EG 3.12025-06-02
setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.
- CVE-2025-4948HIGHCVSS 7.5EG 7.52025-05-19
A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially craf…
- CVE-2025-49532HIGHCVSS 7.8EG 7.82025-07-08
Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires u…
- CVE-2025-49744HIGHCVSS 7.0EG 7.02025-07-08
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
- CVE-2025-52471CRITICALCVSS 9.8EG 9.82025-06-24
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.…
Map vulnerabilities like CWE-191 to your infrastructure
EchelonGraph correlates every CVE — across CWE-191 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →