Skip to main content

CWE-369

Divide By Zero

373 CVEs Avg CVSS 5.9 MITRE
1
CRITICAL
66
HIGH
286
MEDIUM
20
LOW
149
POC
0
KEV

Monthly

CVE-2026-14801 MEDIUM PATCH This Month

Divide-by-zero in GPAC's TeXML file handler crashes the process when a crafted file carries a zero or invalid txml_timescale value, triggering an unhandled arithmetic exception in txtin_probe_duration. The affected version is the development snapshot 26.03-DEV-rev342-g80071f700-master; exploitation is constrained to local users able to supply malicious input files, with impact limited to a process-level denial of service. No active exploitation or public proof-of-concept has been identified; an upstream fix commit is available on GitHub but no patched stable release has been independently confirmed.

Information Disclosure Gpac
NVD VulDB GitHub
CVSS 4.0
4.8
EPSS
0.1%
CVE-2026-14629 LOW POC PATCH Monitor

Divide-by-zero in RT-Thread's lightweight process (lwp) syscall handler allows a low-privileged remote attacker to crash the RTOS by sending crafted read, write, or sys_ioctl system calls with malicious parameters to the affected handler in components/lwp/lwp_syscall.c. Affected versions are 5.2.2 and below. A public proof-of-concept exploit has been disclosed via GitHub issue #11429, though this vulnerability has not been added to the CISA KEV catalog, suggesting exploitation remains opportunistic rather than broadly weaponized. The upstream fix exists only as a pull request (PR #11453) awaiting merge acceptance.

Information Disclosure Rt Thread
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
CVE-2026-6683 MEDIUM This Month

Divide-by-zero in FatFs R0.16 and earlier's exFAT sync logic crashes the filesystem when crafted volume metadata causes the expression `n_fatent - 2` to evaluate to zero during write/sync operations, resulting in a hard fault or denial of service on the affected embedded device. The elm-chan FatFs library is widely bundled into microcontroller SDKs and IoT firmware, meaning the vulnerable code exists across a broad range of downstream products compiled with exFAT support. A proof-of-concept exists per SSVC assessment; no confirmed active exploitation (CISA KEV) has been recorded, and the physical attack vector limits mass exploitation, though network-accessible firmware update pipelines can extend effective reach.

Information Disclosure Fatfs
NVD GitHub
CVSS 3.1
4.6
EPSS
0.2%
CVE-2026-36911 MEDIUM This Month

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

Denial Of Service N A
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-47153 HIGH PATCH This Week

Denial of service in Silicon Labs EmberZNet Zigbee stack (v9.0.2 and earlier) allows a device already joined to the Zigbee network to crash a target node by sending a malformed Level Control 'Step' command that triggers a divide-by-zero (CWE-369) fault and terminates the process. Only nodes implementing the Level Control cluster are affected, and exploitation requires the attacker to already be an authenticated member of the network (CVSS 4.0 PR:L, VA:H). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Information Disclosure Emberznet
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.2%
CVE-2026-47152 HIGH PATCH This Week

Denial of service in Silicon Labs EmberZNet (Zigbee stack) v9.0.2 and earlier allows an already-joined network device to crash the host process via a malformed Level Control 'Move' command that triggers a divide-by-zero fault. Only deployments where the target device supports the Level Control cluster are affected, and exploitation requires the attacker to be an authenticated member of the Zigbee network (PR:L). No public exploit identified at time of analysis; this is not on CISA KEV.

Information Disclosure Emberznet
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.2%
CVE-2025-55642 MEDIUM This Month

Divide-by-zero in GPAC's MP4Box AVI demuxer crashes the process when handling crafted media files with zero-declared frame counts. Specifically, avidmx_process() in filters/dmx_avi.c:639 fails to validate the frame count before using it as a divisor during Dasher bitrate computation, triggering an uncaught floating-point exception (FPE) when DASH segmentation is invoked. A public proof-of-concept file exists; exploitation requires no authentication or special privileges beyond delivering a malformed AVI-like input to an affected MP4Box instance. EPSS data is not yet available, and the vulnerability is not listed in CISA KEV, indicating no confirmed widespread exploitation at time of analysis.

Information Disclosure Gpac
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2025-70100 MEDIUM POC This Month

Divide-by-zero in lwext4 1.0.0's ext4_block_set_lb_size function (src/ext4_blockdev.c) crashes any application that mounts or processes a crafted ext4 filesystem image with a zero logical block size. The CVSS vector (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) confirms the impact is limited to availability - no code execution or data exposure - but the crash is reliable and reproducible. Publicly available exploit code exists demonstrating the issue; no active exploitation has been confirmed by CISA KEV.

Denial Of Service Lwext4
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-10201 LOW POC Monitor

Divide-by-zero in Assimp's FBXExporter (UV Channel Handler) up to version 6.0.4 crashes the application when processing maliciously crafted UV channel data during FBX export, resulting in a local denial-of-service condition. An authenticated local user with low privileges can trigger the crash by supplying crafted input to the FBXExporter::WriteObjects function in FBXExporter.cpp. Publicly available exploit code exists via a POC ZIP hosted on GitHub; no active exploitation is confirmed (not in CISA KEV), and the CVSS 4.0 score of 1.9 reflects the severely constrained real-world impact.

Information Disclosure
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-37232 HIGH This Week

Denial of service in OpenAirInterface5G 2.4.0 (nr-softmodem) allows unauthenticated remote attackers to crash an entire 5G base station by triggering a divide-by-zero in the E2SM-KPM RAN Function's PRB utilization calculation. By flooding E42 subscription requests through the FlexRIC iApp on port 36422/SCTP, an attacker forces consecutive identical PRB aggregate samples that produce a zero divisor, raising SIGFPE and interrupting service for all connected UEs. No public exploit identified at time of analysis, and EPSS probability is very low at 0.03%, but the unauthenticated network vector and total cell outage make this a high-impact availability flaw.

Denial Of Service
NVD GitHub VulDB
CVSS 3.1
8.6
EPSS
0.0%
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Divide-by-zero in GPAC's TeXML file handler crashes the process when a crafted file carries a zero or invalid txml_timescale value, triggering an unhandled arithmetic exception in txtin_probe_duration. The affected version is the development snapshot 26.03-DEV-rev342-g80071f700-master; exploitation is constrained to local users able to supply malicious input files, with impact limited to a process-level denial of service. No active exploitation or public proof-of-concept has been identified; an upstream fix commit is available on GitHub but no patched stable release has been independently confirmed.

Information Disclosure Gpac
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Divide-by-zero in RT-Thread's lightweight process (lwp) syscall handler allows a low-privileged remote attacker to crash the RTOS by sending crafted read, write, or sys_ioctl system calls with malicious parameters to the affected handler in components/lwp/lwp_syscall.c. Affected versions are 5.2.2 and below. A public proof-of-concept exploit has been disclosed via GitHub issue #11429, though this vulnerability has not been added to the CISA KEV catalog, suggesting exploitation remains opportunistic rather than broadly weaponized. The upstream fix exists only as a pull request (PR #11453) awaiting merge acceptance.

Information Disclosure Rt Thread
NVD VulDB GitHub
EPSS 0% CVSS 4.6
MEDIUM This Month

Divide-by-zero in FatFs R0.16 and earlier's exFAT sync logic crashes the filesystem when crafted volume metadata causes the expression `n_fatent - 2` to evaluate to zero during write/sync operations, resulting in a hard fault or denial of service on the affected embedded device. The elm-chan FatFs library is widely bundled into microcontroller SDKs and IoT firmware, meaning the vulnerable code exists across a broad range of downstream products compiled with exFAT support. A proof-of-concept exists per SSVC assessment; no confirmed active exploitation (CISA KEV) has been recorded, and the physical attack vector limits mass exploitation, though network-accessible firmware update pipelines can extend effective reach.

Information Disclosure Fatfs
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

Denial Of Service N A
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Denial of service in Silicon Labs EmberZNet Zigbee stack (v9.0.2 and earlier) allows a device already joined to the Zigbee network to crash a target node by sending a malformed Level Control 'Step' command that triggers a divide-by-zero (CWE-369) fault and terminates the process. Only nodes implementing the Level Control cluster are affected, and exploitation requires the attacker to already be an authenticated member of the network (CVSS 4.0 PR:L, VA:H). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Information Disclosure Emberznet
NVD GitHub VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Denial of service in Silicon Labs EmberZNet (Zigbee stack) v9.0.2 and earlier allows an already-joined network device to crash the host process via a malformed Level Control 'Move' command that triggers a divide-by-zero fault. Only deployments where the target device supports the Level Control cluster are affected, and exploitation requires the attacker to be an authenticated member of the Zigbee network (PR:L). No public exploit identified at time of analysis; this is not on CISA KEV.

Information Disclosure Emberznet
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Divide-by-zero in GPAC's MP4Box AVI demuxer crashes the process when handling crafted media files with zero-declared frame counts. Specifically, avidmx_process() in filters/dmx_avi.c:639 fails to validate the frame count before using it as a divisor during Dasher bitrate computation, triggering an uncaught floating-point exception (FPE) when DASH segmentation is invoked. A public proof-of-concept file exists; exploitation requires no authentication or special privileges beyond delivering a malformed AVI-like input to an affected MP4Box instance. EPSS data is not yet available, and the vulnerability is not listed in CISA KEV, indicating no confirmed widespread exploitation at time of analysis.

Information Disclosure Gpac
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Divide-by-zero in lwext4 1.0.0's ext4_block_set_lb_size function (src/ext4_blockdev.c) crashes any application that mounts or processes a crafted ext4 filesystem image with a zero logical block size. The CVSS vector (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) confirms the impact is limited to availability - no code execution or data exposure - but the crash is reliable and reproducible. Publicly available exploit code exists demonstrating the issue; no active exploitation has been confirmed by CISA KEV.

Denial Of Service Lwext4
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW POC Monitor

Divide-by-zero in Assimp's FBXExporter (UV Channel Handler) up to version 6.0.4 crashes the application when processing maliciously crafted UV channel data during FBX export, resulting in a local denial-of-service condition. An authenticated local user with low privileges can trigger the crash by supplying crafted input to the FBXExporter::WriteObjects function in FBXExporter.cpp. Publicly available exploit code exists via a POC ZIP hosted on GitHub; no active exploitation is confirmed (not in CISA KEV), and the CVSS 4.0 score of 1.9 reflects the severely constrained real-world impact.

Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 8.6
HIGH This Week

Denial of service in OpenAirInterface5G 2.4.0 (nr-softmodem) allows unauthenticated remote attackers to crash an entire 5G base station by triggering a divide-by-zero in the E2SM-KPM RAN Function's PRB utilization calculation. By flooding E42 subscription requests through the FlexRIC iApp on port 36422/SCTP, an attacker forces consecutive identical PRB aggregate samples that produce a zero divisor, raising SIGFPE and interrupting service for all connected UEs. No public exploit identified at time of analysis, and EPSS probability is very low at 0.03%, but the unauthenticated network vector and total cell outage make this a high-impact availability flaw.

Denial Of Service
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy