Skip to main content

CWE-122

Heap-based Buffer Overflow

2007 CVEs Avg CVSS 7.8 MITRE
212
CRITICAL
1454
HIGH
288
MEDIUM
48
LOW
349
POC
14
KEV

Monthly

CVE-2026-42533 CRITICAL PATCH Act Now

Heap buffer overflow in NGINX Plus and NGINX Open Source lets unauthenticated remote attackers crash worker processes (DoS) and, on hosts with ASLR disabled or bypassed, potentially execute arbitrary code by sending crafted HTTP requests. The flaw is a data-plane-only issue triggered when a regex-based map directive references the map's regex capture variables before the map output variable in a string expression, or via a non-cacheable variable under certain conditions. F5 has released a patched version; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Nginx Heap Overflow Buffer Overflow RCE Nginx Plus +1
NVD
CVSS 4.0
9.2
CVE-2026-61464 LOW PATCH Monitor

Heap-based buffer over-write in ImageMagick's X11 import functionality exposes local systems to heap memory corruption and denial of service when processing a crafted X11 window title. Affected versions span both the 7.x branch (before 7.1.2-26) and the legacy 6.x branch (before 6.9.13-51), covering a large installed base across Linux and Unix environments. No public exploit identified at time of analysis, and the narrow exploitation conditions - requiring local privileged access with X11 in scope - significantly constrain real-world risk despite the CWE-122 heap overflow class.

Heap Overflow Buffer Overflow Denial Of Service Imagemagick
NVD GitHub VulDB
CVSS 4.0
1.0
CVE-2026-48339 HIGH This Week

Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file that triggers a heap-based buffer overflow (CWE-122), letting an attacker run code in the context of the current user. The flaw was reported by Adobe and disclosed in advisory APSB26-81; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is file-borne and requires user interaction, so it is not remotely triggerable without a user opening attacker-supplied content.

Heap Overflow Buffer Overflow RCE Adobe Bridge
NVD VulDB
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-24272 HIGH This Week

Code execution in NVIDIA TensorRT is possible when the SDK processes a maliciously crafted input that overflows a heap-based buffer (CWE-122), corrupting adjacent heap memory. The flaw affects the TensorRT deep-learning inference library and requires a local user to load attacker-supplied content, per the AV:L/UI:R CVSS vector; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Successful exploitation yields full loss of confidentiality, integrity, and availability (C:H/I:H/A:H) in the context of the process running the inference job.

Heap Overflow Buffer Overflow Nvidia RCE Tensorrt
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-24268 HIGH This Week

Local code execution in NVIDIA TensorRT is possible when the library parses an attacker-supplied input (such as a crafted model/engine file), triggering a heap-based buffer overflow (CWE-122) that can corrupt memory and lead to arbitrary code execution in the context of the process using TensorRT. The CVSS 3.1 vector (AV:L/UI:R) indicates the attacker needs local access and must induce a user or application to load malicious content, and there is no public exploit identified at time of analysis. TensorRT is NVIDIA's deep-learning inference SDK, so the affected population is developers, MLOps pipelines, and inference servers that load third-party or untrusted models.

Heap Overflow Buffer Overflow Nvidia RCE Tensorrt
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-15767 HIGH PATCH This Week

Heap buffer overflow in libyuv in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: High)

Google Heap Overflow Buffer Overflow Microsoft RCE
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-48269 HIGH This Week

Arbitrary code execution in Adobe Premiere Pro is possible via a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted project or media file, running attacker code in the context of the current user. The flaw is local and requires user interaction, with no public exploit identified at time of analysis; Adobe self-reported it in advisory APSB26-76. CVSS 7.8 reflects high confidentiality, integrity, and availability impact but a local attack vector gated by the user opening a malicious file.

Heap Overflow Buffer Overflow RCE Premiere
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-47471 HIGH This Week

Heap-based buffer overflow in NVIDIA TensorRT-LLM's tensor deserialization path lets an adjacent, unauthenticated attacker corrupt heap memory by supplying a crafted serialized tensor, potentially causing information disclosure, data tampering, or denial of service. All platforms running affected TensorRT-LLM versions are impacted. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV; NVIDIA rates exploitation as high-complexity (AC:H).

Nvidia Denial Of Service Heap Overflow Information Disclosure Deserialization +2
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-58542 HIGH PATCH NEWS This Week

Local code execution in Windows Media on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 lets an attacker run arbitrary code by luring a user into opening a maliciously crafted media file. The CVSS 3.1 base score is 7.8 with full confidentiality, integrity, and availability impact but requiring user interaction, and there is no public exploit identified at time of analysis. Microsoft has released a patch via MSRC.

Heap Overflow Buffer Overflow Microsoft Windows 11 Version 24H2 Windows 11 Version 25H2 +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-58547 MEDIUM PATCH Exploit Unlikely This Month

Heap-based buffer overflow in Universal Plug and Play (upnp.dll) allows an authorized attacker to elevate privileges locally.

Heap Overflow Buffer Overflow Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +8
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVSS 9.2
CRITICAL PATCH Act Now

Heap buffer overflow in NGINX Plus and NGINX Open Source lets unauthenticated remote attackers crash worker processes (DoS) and, on hosts with ASLR disabled or bypassed, potentially execute arbitrary code by sending crafted HTTP requests. The flaw is a data-plane-only issue triggered when a regex-based map directive references the map's regex capture variables before the map output variable in a string expression, or via a non-cacheable variable under certain conditions. F5 has released a patched version; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Nginx Heap Overflow Buffer Overflow +3
NVD
CVSS 1.0
LOW PATCH Monitor

Heap-based buffer over-write in ImageMagick's X11 import functionality exposes local systems to heap memory corruption and denial of service when processing a crafted X11 window title. Affected versions span both the 7.x branch (before 7.1.2-26) and the legacy 6.x branch (before 6.9.13-51), covering a large installed base across Linux and Unix environments. No public exploit identified at time of analysis, and the narrow exploitation conditions - requiring local privileged access with X11 in scope - significantly constrain real-world risk despite the CWE-122 heap overflow class.

Heap Overflow Buffer Overflow Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file that triggers a heap-based buffer overflow (CWE-122), letting an attacker run code in the context of the current user. The flaw was reported by Adobe and disclosed in advisory APSB26-81; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is file-borne and requires user interaction, so it is not remotely triggerable without a user opening attacker-supplied content.

Heap Overflow Buffer Overflow RCE +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Code execution in NVIDIA TensorRT is possible when the SDK processes a maliciously crafted input that overflows a heap-based buffer (CWE-122), corrupting adjacent heap memory. The flaw affects the TensorRT deep-learning inference library and requires a local user to load attacker-supplied content, per the AV:L/UI:R CVSS vector; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Successful exploitation yields full loss of confidentiality, integrity, and availability (C:H/I:H/A:H) in the context of the process running the inference job.

Heap Overflow Buffer Overflow Nvidia +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Local code execution in NVIDIA TensorRT is possible when the library parses an attacker-supplied input (such as a crafted model/engine file), triggering a heap-based buffer overflow (CWE-122) that can corrupt memory and lead to arbitrary code execution in the context of the process using TensorRT. The CVSS 3.1 vector (AV:L/UI:R) indicates the attacker needs local access and must induce a user or application to load malicious content, and there is no public exploit identified at time of analysis. TensorRT is NVIDIA's deep-learning inference SDK, so the affected population is developers, MLOps pipelines, and inference servers that load third-party or untrusted models.

Heap Overflow Buffer Overflow Nvidia +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap buffer overflow in libyuv in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: High)

Google Heap Overflow Buffer Overflow +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Premiere Pro is possible via a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted project or media file, running attacker code in the context of the current user. The flaw is local and requires user interaction, with no public exploit identified at time of analysis; Adobe self-reported it in advisory APSB26-76. CVSS 7.8 reflects high confidentiality, integrity, and availability impact but a local attack vector gated by the user opening a malicious file.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Heap-based buffer overflow in NVIDIA TensorRT-LLM's tensor deserialization path lets an adjacent, unauthenticated attacker corrupt heap memory by supplying a crafted serialized tensor, potentially causing information disclosure, data tampering, or denial of service. All platforms running affected TensorRT-LLM versions are impacted. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV; NVIDIA rates exploitation as high-complexity (AC:H).

Nvidia Denial Of Service Heap Overflow +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local code execution in Windows Media on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 lets an attacker run arbitrary code by luring a user into opening a maliciously crafted media file. The CVSS 3.1 base score is 7.8 with full confidentiality, integrity, and availability impact but requiring user interaction, and there is no public exploit identified at time of analysis. Microsoft has released a patch via MSRC.

Heap Overflow Buffer Overflow Microsoft +5
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Heap-based buffer overflow in Universal Plug and Play (upnp.dll) allows an authorized attacker to elevate privileges locally.

Heap Overflow Buffer Overflow Windows 10 Version 1809 +10
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy