Skip to main content

CWE-191

Integer Underflow

348 CVEs Avg CVSS 7.2 MITRE
41
CRITICAL
191
HIGH
105
MEDIUM
10
LOW
59
POC
2
KEV

Monthly

CVE-2026-48298 MEDIUM This Month

CAI Content Credentials is affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow
NVD
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-48296 MEDIUM This Month

CAI Content Credentials is affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow
NVD VulDB
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-55039 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Excel (and the broader Office suite through Microsoft 365 Apps, Office 2019/2021/2024 LTSC, Office for Mac, and Office Online Server) arises from an integer underflow (CWE-191) in Excel's file parsing, letting an attacker run arbitrary code in the context of the user who opens a maliciously crafted spreadsheet. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows no attacker privileges are needed but the victim must open the file, giving full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available.

Authentication Bypass Microsoft Integer Overflow Microsoft 365 Apps For Enterprise Microsoft Excel 2016 +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50300 MEDIUM PATCH Exploit Unlikely This Month

Integer underflow in the Windows Kernel enables a locally authenticated attacker to disclose sensitive kernel memory contents across a broad range of Windows 10, Windows 11, and Windows Server platforms. The CVSS vector (AV:L/AC:L/PR:L/UI:N) confirms that any low-privilege local user can trigger the flaw without special configuration or user interaction, yielding high confidentiality impact with no integrity or availability consequences. Microsoft has released a patch via the July 2026 Security Update Guide; no public exploit has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Microsoft Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 +12
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2026-50308 HIGH PATCH This Week

Local code execution in the Microsoft Windows NTFS file-system driver lets an attacker run arbitrary code by inducing a victim to interact with a specially crafted NTFS artifact (e.g., a malicious volume, VHD, or file). The flaw stems from an integer underflow (CWE-191) and spans a broad range of Windows client and server builds from Windows Server 2012 through Windows Server 2025 and Windows 10/11. Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Authentication Bypass Microsoft Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-49790 HIGH PATCH Exploit Unlikely This Week

Elevation of privilege in the Windows Universal Disk Format File System driver (UDFS.sys) lets a low-privileged local user gain elevated (kernel/SYSTEM) rights after the victim mounts or opens a maliciously crafted UDF volume. The flaw stems from an integer arithmetic error (CWE-191) in the driver that parses UDF-formatted media such as ISO images, optical discs, and virtual disk files, and affects a broad range of Windows client and server releases from Windows Server 2012 and Windows 10 1607 through Windows 11 26H1 and Windows Server 2025. Microsoft reported the issue and has shipped a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Information Disclosure Microsoft Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2026-49181 HIGH PATCH Exploit Unlikely This Week

Information disclosure (and vendor-labeled privilege elevation) in the Windows DHCP Client affects Windows 10 (1607/1809), Windows Server 2012 through 2025, and their Server Core installations via an integer underflow (CWE-191) reachable over the network. A remote attacker positioned to answer DHCP traffic can craft malformed responses that wrap a length/counter calculation, with a CVSS 3.1 base of 7.5 (confidentiality impact only per the published vector). No public exploit is identified at time of analysis and it is not listed in CISA KEV, but Microsoft ships a patch.

Authentication Bypass Microsoft Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 +11
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-55011 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Defender's Malware Protection Engine (mpengine) arises from an integer underflow (CWE-191) that a local attacker can trigger with no prior authentication but requiring user interaction, yielding high confidentiality, integrity, and availability impact. Because Defender's scanning engine runs with SYSTEM-level privileges, successful exploitation would grant full compromise of the host. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; Microsoft has released a fix.

Authentication Bypass Microsoft Integer Overflow Microsoft Malware Protection Engine
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-54982 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in the Windows Reliable Multicast Transport Driver (RMCAST) lets an unauthenticated attacker on the same network segment run arbitrary code by triggering an integer underflow (CWE-191) during multicast message processing. All supported Windows client and server builds from Windows Server 2012 through Windows Server 2025 and Windows 10 1607 through Windows 11 26H1 are affected. There is no public exploit identified at time of analysis, but the CVSS 8.8 adjacent-network unauthenticated profile and Microsoft's own reporting make this a high-priority patch.

Authentication Bypass Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2026-51540 CRITICAL Act Now

Remote memory corruption in the OpENer EtherNet/IP stack (2.3.0 master branch up to commit 76b95cf) stems from an integer underflow while parsing connected explicit messages via the SendUnitData encapsulation command, allowing network attackers to corrupt memory on the target device. The CVSS 3.1 score of 9.8 (AV:N/PR:N) indicates unauthenticated remote exploitation with full confidentiality, integrity, and availability impact. A public gist by researcher MrAlaskan and a filed GitHub issue accompany the disclosure, so publicly available exploit code exists, though EPSS is low (0.15%, 5th percentile) and it is not on the CISA KEV list.

Buffer Overflow Integer Overflow N A
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
EPSS 0% CVSS 6.2
MEDIUM This Month

CAI Content Credentials is affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

CAI Content Credentials is affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Excel (and the broader Office suite through Microsoft 365 Apps, Office 2019/2021/2024 LTSC, Office for Mac, and Office Online Server) arises from an integer underflow (CWE-191) in Excel's file parsing, letting an attacker run arbitrary code in the context of the user who opens a maliciously crafted spreadsheet. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows no attacker privileges are needed but the victim must open the file, giving full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available.

Authentication Bypass Microsoft Integer Overflow +9
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Integer underflow in the Windows Kernel enables a locally authenticated attacker to disclose sensitive kernel memory contents across a broad range of Windows 10, Windows 11, and Windows Server platforms. The CVSS vector (AV:L/AC:L/PR:L/UI:N) confirms that any low-privilege local user can trigger the flaw without special configuration or user interaction, yielding high confidentiality impact with no integrity or availability consequences. Microsoft has released a patch via the July 2026 Security Update Guide; no public exploit has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Microsoft Integer Overflow +14
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local code execution in the Microsoft Windows NTFS file-system driver lets an attacker run arbitrary code by inducing a victim to interact with a specially crafted NTFS artifact (e.g., a malicious volume, VHD, or file). The flaw stems from an integer underflow (CWE-191) and spans a broad range of Windows client and server builds from Windows Server 2012 through Windows Server 2025 and Windows 10/11. Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Authentication Bypass Microsoft Integer Overflow +18
NVD
EPSS 0% CVSS 7.3
HIGH PATCH Exploit Unlikely This Week

Elevation of privilege in the Windows Universal Disk Format File System driver (UDFS.sys) lets a low-privileged local user gain elevated (kernel/SYSTEM) rights after the victim mounts or opens a maliciously crafted UDF volume. The flaw stems from an integer arithmetic error (CWE-191) in the driver that parses UDF-formatted media such as ISO images, optical discs, and virtual disk files, and affects a broad range of Windows client and server releases from Windows Server 2012 and Windows 10 1607 through Windows 11 26H1 and Windows Server 2025. Microsoft reported the issue and has shipped a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Information Disclosure Microsoft Integer Overflow +18
NVD
EPSS 1% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Information disclosure (and vendor-labeled privilege elevation) in the Windows DHCP Client affects Windows 10 (1607/1809), Windows Server 2012 through 2025, and their Server Core installations via an integer underflow (CWE-191) reachable over the network. A remote attacker positioned to answer DHCP traffic can craft malformed responses that wrap a length/counter calculation, with a CVSS 3.1 base of 7.5 (confidentiality impact only per the published vector). No public exploit is identified at time of analysis and it is not listed in CISA KEV, but Microsoft ships a patch.

Authentication Bypass Microsoft Integer Overflow +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Defender's Malware Protection Engine (mpengine) arises from an integer underflow (CWE-191) that a local attacker can trigger with no prior authentication but requiring user interaction, yielding high confidentiality, integrity, and availability impact. Because Defender's scanning engine runs with SYSTEM-level privileges, successful exploitation would grant full compromise of the host. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; Microsoft has released a fix.

Authentication Bypass Microsoft Integer Overflow +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Windows Reliable Multicast Transport Driver (RMCAST) lets an unauthenticated attacker on the same network segment run arbitrary code by triggering an integer underflow (CWE-191) during multicast message processing. All supported Windows client and server builds from Windows Server 2012 through Windows Server 2025 and Windows 10 1607 through Windows 11 26H1 are affected. There is no public exploit identified at time of analysis, but the CVSS 8.8 adjacent-network unauthenticated profile and Microsoft's own reporting make this a high-priority patch.

Authentication Bypass Integer Overflow Windows 10 Version 1607 +17
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Remote memory corruption in the OpENer EtherNet/IP stack (2.3.0 master branch up to commit 76b95cf) stems from an integer underflow while parsing connected explicit messages via the SendUnitData encapsulation command, allowing network attackers to corrupt memory on the target device. The CVSS 3.1 score of 9.8 (AV:N/PR:N) indicates unauthenticated remote exploitation with full confidentiality, integrity, and availability impact. A public gist by researcher MrAlaskan and a filed GitHub issue accompany the disclosure, so publicly available exploit code exists, though EPSS is low (0.15%, 5th percentile) and it is not on the CISA KEV list.

Buffer Overflow Integer Overflow N A
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy