Skip to main content

Heap Overflow

1931 CVEs technique

Monthly

CVE-2026-2920 HIGH PATCH This Week

Heap-based buffer overflow vulnerability in GStreamer's ASF Demuxer component that allows remote attackers to execute arbitrary code when processing malicious ASF media files. The vulnerability requires user interaction (opening/processing a malicious file) and affects all versions of GStreamer based on the CPE data. No evidence of active exploitation (not in KEV) or public proof-of-concept exists, though Zero Day Initiative tracked it as ZDI-CAN-28843.

Buffer Overflow RCE Heap Overflow Gstreamer
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-3561 HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge devices that allows network-adjacent attackers to execute arbitrary code through malformed PUT requests to the HomeKit Accessory Protocol (HAP) characteristics endpoint. While authentication is normally required, the advisory notes the authentication mechanism can be bypassed, effectively allowing unauthenticated remote code execution. No EPSS score or KEV listing is available, suggesting this is not currently being exploited in the wild.

Buffer Overflow RCE Heap Overflow Hue Bridge
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2026-3560 HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge's HomeKit implementation that allows unauthenticated network-adjacent attackers to execute arbitrary code. The vulnerability affects all versions of Philips Hue Bridge (CPE indicates no version restrictions) through the hk_hap_pair_storage_put function on TCP port 8080. No EPSS data or KEV listing is available, and while ZDI has published an advisory, no public POC or active exploitation has been reported.

Buffer Overflow RCE Heap Overflow Hue Bridge
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2026-3557 HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge devices that allows network-adjacent attackers with authentication (which can be bypassed) to achieve remote code execution as root. The vulnerability affects the HomeKit Accessory Protocol (HAP) implementation on TCP port 8080 and has a high CVSS score of 8.0, though no active exploitation or public PoC has been reported.

Buffer Overflow RCE Heap Overflow Hue Bridge
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2026-3556 HIGH This Week

Critical heap-based buffer overflow vulnerability in Philips Hue Bridge's HomeKit implementation that allows network-adjacent attackers to execute arbitrary code without authentication. The vulnerability affects all versions of Philips Hue Bridge (CPE indicates no version restriction) and stems from improper input validation in the hk_hap_pair_storage_put function. No active exploitation (not in KEV) or EPSS score is reported, but the high CVSS score (8.8) and RCE capability make this a significant threat for local network attackers.

Buffer Overflow RCE Heap Overflow Hue Bridge
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2026-3555 HIGH This Week

Heap-based buffer overflow vulnerability in the Philips Hue Bridge's Zigbee stack that allows network-adjacent attackers to execute arbitrary code when users initiate device pairing. The vulnerability affects all versions of Philips Hue Bridge and has a CVSS score of 8.0, requiring physical proximity and user interaction to exploit. No EPSS data or KEV listing is available, suggesting this is not actively exploited in the wild.

Buffer Overflow RCE Heap Overflow Hue Bridge
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2026-31806 CRITICAL PATCH Act Now

Heap buffer overflow in FreeRDP's NSCodec surface-bits handler (versions prior to 3.24.0) lets a malicious or compromised RDP server corrupt heap memory on connecting clients. The gdi_surface_bits() path passes server-supplied bmp.width and bmp.height into nsc_process_message() without validating them against the actual desktop dimensions, and because the attacker also controls the decoded pixel data, the out-of-bounds write can overwrite adjacent heap allocations with attacker-chosen bytes - a potential path to remote code execution. EPSS is low (0.04%, 13th percentile) and there is no public exploit identified at time of analysis.

Buffer Overflow Heap Overflow Freerdp
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2025-61154 MEDIUM This Month

Heap buffer overflow vulnerability in LibreDWG versions v0.13.3.7571 up to v0.13.3.7835 allows a crafted DWG file to cause a Denial of Service (DoS) via the function decompress_R2004_section at decode.c.

Buffer Overflow Denial Of Service Heap Overflow Libredwg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27940 HIGH This Week

Local attackers can achieve heap buffer overflow in llama.cpp versions before b8146 through integer overflow in the GGUF file parsing function, enabling arbitrary code execution with high integrity and confidentiality impact. The vulnerability stems from undersized heap allocation followed by unvalidated writes of over 528 bytes of attacker-controlled data, bypassing a previous fix for the same component. This affects systems running vulnerable LLM inference implementations on local machines where user interaction is required to trigger the malicious GGUF file processing.

Buffer Overflow Heap Overflow Llama Cpp
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-3931 HIGH PATCH This Week

Heap buffer overflow in Skia in Google Chrome versions up to 146.0.7680.71 is affected by heap-based buffer overflow (CVSS 8.8).

Buffer Overflow Heap Overflow Chrome Google Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3915 HIGH PATCH This Week

Heap buffer overflow in WebML in Google Chrome versions up to 146.0.7680.71 is affected by heap-based buffer overflow (CVSS 8.8).

Google Buffer Overflow Heap Overflow AI / ML Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3913 HIGH PATCH This Week

Heap buffer overflow in WebML in Google Chrome versions up to 146.0.7680.71 is affected by heap-based buffer overflow (CVSS 8.8).

Google Buffer Overflow Heap Overflow AI / ML Chrome +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-31853 NuGet MEDIUM PATCH This Month

ImageMagick is free and open-source software used for editing and manipulating digital images. versions up to 7.1.2-16 is affected by heap-based buffer overflow (CVSS 5.7).

Buffer Overflow Heap Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-27271 HIGH This Week

Heap buffer overflow in Adobe Illustrator 29.8.4 and 30.1 allows arbitrary code execution under the current user's privileges when opening a malicious file. The vulnerability requires user interaction but carries no patch availability, leaving affected systems at risk. An attacker can achieve code execution by crafting and distributing a malicious document that triggers the memory corruption flaw.

Adobe Buffer Overflow Heap Overflow Illustrator
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-3845 HIGH This Week

Firefox for Android versions prior to 148.0.2 contain a heap buffer overflow in the audio/video playback component that allows remote code execution, information disclosure, and denial of service through a malicious media file requiring user interaction. The vulnerability affects all Firefox for Android users and currently lacks a publicly available patch. An attacker can achieve complete system compromise by crafting a specially crafted video or audio file that triggers the buffer overflow when played.

Buffer Overflow Mozilla Heap Overflow Google
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-31796 HIGH This Week

iccDEV provides a set of libraries and tools for working with ICC color management profiles. versions up to 2.3.1.5 is affected by heap-based buffer overflow (CVSS 7.8).

Buffer Overflow Heap Overflow Iccdev
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-30982 MEDIUM This Month

iccDEV provides a set of libraries and tools for working with ICC color management profiles. versions up to 2.3.1.5 is affected by heap-based buffer overflow (CVSS 6.1).

Buffer Overflow Heap Overflow Iccdev
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-26111 HIGH POC PATCH This Week

Remote code execution in Windows RRAS across Server 2016, 2022, and 2025 via an integer overflow vulnerability allows authenticated attackers to execute arbitrary code over the network with high privileges. Public exploit code exists for this vulnerability, and no patch is currently available. Authenticated users with network access can trigger the vulnerability through a simple interaction to gain complete system compromise.

Buffer Overflow Heap Overflow Microsoft Windows Server 2022 Windows Server 2016 +4
NVD VulDB GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-26108 HIGH PATCH This Week

Heap buffer overflow in Microsoft Office Excel enables local code execution with high integrity and confidentiality impact affecting Office, Office Online Server, and 365 Apps. An attacker with user interaction can achieve arbitrary code execution in the context of the affected application. No patch is currently available for this vulnerability.

Microsoft Buffer Overflow Heap Overflow Office Office Online Server +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-25188 HIGH PATCH This Week

Privilege escalation in Windows Telephony Service through heap buffer overflow affects Windows 10 1607, Windows 11 25h2, and Windows Server 2012, allowing adjacent network attackers to gain elevated system access without authentication. The vulnerability has a high CVSS score of 8.8 but currently lacks a patch, creating significant risk for exposed systems. Exploitation requires network proximity but no user interaction.

Buffer Overflow Heap Overflow Microsoft Windows 10 1607 Windows 11 25h2 +13
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-25173 HIGH POC PATCH This Week

Remote code execution in Windows RRAS affects Windows 10 1607 and Windows Server 2022 23h2 through an integer overflow vulnerability exploitable by authenticated network attackers. Public exploit code exists for this vulnerability, enabling authenticated users to execute arbitrary code with high integrity and confidentiality impact. No patch is currently available, making this a critical exposure for affected Windows environments.

Microsoft Buffer Overflow Heap Overflow Windows Server 2022 23h2 Windows 10 1607 +13
NVD VulDB GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-25172 HIGH POC PATCH This Week

Remote code execution in Windows Routing and Remote Access Service (RRAS) across Windows Server 2012, 2022, and 2022 23h2 stems from an integer overflow vulnerability that authenticated network attackers can exploit with user interaction. Public exploit code exists for this vulnerability, enabling attackers to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available.

Microsoft Buffer Overflow Heap Overflow Windows Server 2022 Windows Server 2012 +5
NVD VulDB GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-24288 MEDIUM PATCH This Month

Arbitrary code execution in Windows 10 (versions 21H2 and 22H2) via heap buffer overflow in Mobile Broadband functionality requires physical access to a target device. An attacker with direct hardware access can trigger memory corruption to achieve kernel-level code execution with full system privileges. No patch is currently available for this vulnerability.

Buffer Overflow Heap Overflow Microsoft Windows 10 22h2 Windows 10 21h2 +1
NVD VulDB
CVSS 3.1
6.8
EPSS
0.1%
CVE-2026-24283 HIGH PATCH This Week

Privilege escalation in Windows 11 (24h2, 26h1) and Windows Server 2022 (23h2) via heap overflow allows authenticated local users to gain system-level access. The vulnerability requires valid credentials but no user interaction, making it a direct path to complete system compromise. No patch is currently available.

Buffer Overflow Heap Overflow Microsoft Windows 11 24h2 Windows 11 26h1 +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-23665 HIGH PATCH This Week

Privilege escalation in Azure Linux Virtual Machines results from a heap-based buffer overflow that authenticated local users can exploit to gain elevated system access. An attacker with valid credentials can trigger memory corruption to bypass privilege restrictions and assume administrative control of the affected virtual machine. No patch is currently available, making this a critical risk for organizations running Azure Linux infrastructure.

Buffer Overflow Heap Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-30937 NuGet MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of bounds heap write can occur.

Buffer Overflow Microsoft Heap Overflow Imagemagick Windows +2
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-30931 NuGet MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A heap-based buffer overflow in the UHDR encoder can happen due to truncation of a value and it would allow an out of bounds write.

Buffer Overflow Heap Overflow Imagemagick Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-3257 CRITICAL Act Now

Insecure embedded library in UnQLite 0.06 Perl module.

Heap Overflow Unqlite
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-29022 MEDIUM POC PATCH This Month

Heap buffer overflow in dr_libs 0.14.4 and earlier allows attackers to corrupt memory by supplying maliciously crafted WAV files to any application using drwav_init_*_with_metadata() functions. The vulnerability exploits inconsistent validation of sample loop counts between processing passes, enabling 36 bytes of attacker-controlled data to overflow heap allocations. Public exploit code exists for this vulnerability.

Buffer Overflow Heap Overflow Dr Libs
NVD GitHub VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2026-22891 CRITICAL POC Act Now

Heap overflow in libbiosig 3.9.2 Intan CLP parsing. PoC available.

Buffer Overflow Heap Overflow Libbiosig
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-20777 HIGH POC This Week

Arbitrary code execution in libbiosig 3.9.2 and Master Branch can be triggered by parsing malicious Nicolet WFT files through a heap buffer overflow in the WFT parsing functionality. An attacker can exploit this vulnerability by supplying a crafted .wft file to execute arbitrary code on affected systems. Public exploit code exists for this vulnerability, though no patch is currently available.

Buffer Overflow Heap Overflow Libbiosig
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-28420 MEDIUM POC PATCH This Month

Vim versions prior to 9.2.0076 contain a heap buffer overflow and out-of-bounds read vulnerability in the terminal emulator when handling Unicode combining characters from supplementary planes, allowing a local attacker with user interaction to cause memory corruption and denial of service. The vulnerability requires local access and user interaction to trigger, with no confidentiality impact but potential integrity and availability consequences. A patch is available in version 9.2.0076 and later.

Buffer Overflow Heap Overflow Vim Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-28419 MEDIUM PATCH This Month

Vim versions prior to 9.2.0075 contain a heap buffer underflow in the tags file parser that triggers when processing malformed tag files with delimiters at line starts, potentially allowing local attackers with user interaction to read out-of-bounds memory and cause information disclosure or crashes. The vulnerability requires local file system access and user interaction to exploit, with a CVSS score of 5.3 indicating medium severity. A patch is available in Vim 9.2.0075 and later versions.

Heap Overflow Vim Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28418 MEDIUM PATCH This Month

Vim versions prior to 9.2.0074 contain a heap buffer overflow in the Emacs-style tags file parser that allows reading up to 7 bytes of out-of-bounds memory when processing malformed tags files. A local attacker can trigger this vulnerability through a crafted tags file to leak sensitive information from the application's memory. The vulnerability has been patched in version 9.2.0074 and later.

Buffer Overflow Heap Overflow Vim Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-23750 HIGH This Week

Heap-based buffer overflow in Golioth Pouch 0.1.0 (prior to commit 1b2219a1) lets an adjacent, unauthenticated BLE client corrupt device memory through the GATT server-certificate characteristic. The server_cert_write() handler sizes a heap buffer once on the first fragment but appends later fragments with memcpy() and no bounds check, so an oversized fragmented write overflows the allocation, crashing the device and potentially corrupting adjacent heap data. EPSS is negligible (0.01%, 3rd percentile) and there is no public exploit identified at time of analysis, but the flaw is remotely reachable within BLE range without credentials.

Buffer Overflow Heap Overflow
NVD GitHub VulDB
CVSS 4.0
7.2
EPSS
0.0%
CVE-2026-27831 HIGH This Week

Heap buffer over-read vulnerability in rldns DNS server version 1.3 allows remote attackers to trigger denial of service without authentication or user interaction. The flaw enables reading beyond allocated memory boundaries, causing the service to crash. Version 1.4 addresses this issue, though no patch is currently available for affected 1.3 deployments.

DNS Heap Overflow Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25794 NuGet HIGH PATCH GHSA This Week

Integer overflow in ImageMagick's UHDR image decoder allows remote attackers to trigger heap buffer overflows by supplying specially crafted images with large dimensions, potentially crashing the application or corrupting heap memory. The vulnerability affects ImageMagick versions prior to 7.1.2-15 and requires no user interaction or authentication to exploit. Organizations using vulnerable versions should upgrade immediately, as no workaround is available.

Imagemagick Buffer Overflow Heap Overflow
NVD GitHub VulDB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2025-69247 HIGH POC PATCH This Week

free5GC go-upf is the User Plane Function (UPF) implementation for 5G networks that is part of the free5GC project. Versions prior to 1.2.8 have a Heap-based Buffer Overflow (CWE-122) vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]

Buffer Overflow Heap Overflow Denial Of Service Go Upf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-14905 HIGH PATCH This Week

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. [CVSS 7.2 HIGH]

RCE Buffer Overflow Heap Overflow Denial Of Service
NVD VulDB
CVSS 3.1
7.2
EPSS
0.4%
CVE-2026-27168 HIGH POC This Week

The SAIL image library contains a heap buffer overflow in its XWD file parser that fails to validate the bytes_per_line value read from untrusted files, allowing attackers to trigger out-of-bounds memory writes during image processing. Public exploit code exists for this vulnerability affecting all versions of SAIL. No patch is currently available, leaving users of this cross-platform image loading library exposed to potential code execution or denial of service attacks.

Buffer Overflow Heap Overflow Sail
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2047 HIGH PATCH This Week

Remote code execution in GIMP through heap buffer overflow during ICNS file parsing allows attackers to execute arbitrary code when a user opens a malicious image file. The vulnerability stems from insufficient validation of user-supplied data lengths before copying to heap memory, requiring only user interaction to trigger. A patch is available for affected installations.

RCE Buffer Overflow Heap Overflow Gimp
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-0797 HIGH PATCH This Week

Remote code execution in GIMP 3.2.0-rc1 lets attackers run arbitrary code by tricking a user into opening a malicious ICO image file or visiting a page that delivers one. The flaw is a heap-based buffer overflow in the ICO file parser caused by missing length validation before a copy operation, and it executes code in the context of the GIMP process. No public exploit has been identified at time of analysis, and EPSS estimates exploitation probability at just 0.06% (19th percentile), consistent with a user-interaction-gated client-side bug rather than mass-exploited infrastructure.

RCE Buffer Overflow Heap Overflow Gimp
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-26967 MEDIUM PATCH This Month

PJSIP versions 2.16 and below contain a heap buffer overflow in the H.264 video unpacketizer that fails to properly validate NAL unit size fields in malformed SRTP packets, allowing remote attackers to trigger memory corruption on systems receiving H.264 video streams. The vulnerability has a CVSS score of 5.3 and enables information disclosure through heap memory access. A patch is available for affected deployments.

Github Buffer Overflow Heap Overflow Pjsip Red Hat
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-26200 HIGH POC PATCH This Week

Heap buffer overflow in HDF5 versions prior to 1.14.4-2 allows attackers to trigger denial-of-service or potentially achieve code execution by crafting malicious h5 files. The vulnerability affects any system parsing untrusted HDF5 data files and has public exploit code available. A patch is not yet available, leaving affected deployments at risk.

RCE Buffer Overflow Heap Overflow Hdf5
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-2447 HIGH PATCH This Week

Heap buffer overflow in libvpx affects Firefox and Thunderbird across multiple versions, enabling remote code execution when a user interacts with malicious content. An unauthenticated attacker can exploit this vulnerability over the network without special privileges to achieve complete system compromise including data theft and integrity violations. No patch is currently available, making this a critical risk for affected users.

Buffer Overflow Mozilla Heap Overflow Thunderbird
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2007 HIGH PATCH This Week

Heap buffer overflow in the pg_trgm extension of PostgreSQL 18.0 and 18.1 allows authenticated database users to trigger memory corruption through specially crafted input strings. An attacker with database access could potentially achieve privilege escalation or cause service disruption, though exploit complexity is currently limited by restricted control over written data. No patch is currently available.

PostgreSQL Buffer Overflow Privilege Escalation Heap Overflow
NVD VulDB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2026-2005 HIGH PATCH This Week

Arbitrary code execution in PostgreSQL pgcrypto module (versions before 14.21, 15.16, 16.12, 17.8, and 18.2) stems from a heap buffer overflow that allows attackers with database access to execute commands with the privileges of the PostgreSQL system user. An authenticated attacker can exploit this vulnerability by providing specially crafted ciphertext to trigger the overflow condition. No patch is currently available, leaving affected PostgreSQL installations vulnerable to privilege escalation and full system compromise.

PostgreSQL Buffer Overflow Heap Overflow RCE
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-25646 HIGH POC PATCH This Week

Denial of service (with limited memory disclosure) in libpng before 1.6.55 lets an attacker supply a specially crafted but spec-valid PNG that, when processed via the png_set_quantize() API, traps the library in an infinite loop reading past the end of an internal heap buffer. Affects any application that links libpng and calls png_set_quantize() without a histogram while the palette holds more than twice the colors the display supports. Publicly available exploit code exists; EPSS is low (0.06%, 19th percentile) and it is not on CISA KEV, so widespread exploitation is not currently indicated.

Buffer Overflow Denial Of Service Libpng Heap Overflow
NVD GitHub VulDB
CVSS 4.0
8.3
EPSS
0.1%
CVE-2026-21358 MEDIUM This Month

InDesign versions 21.1, 20.5.1 and earlier contain a heap buffer overflow that enables local denial-of-service attacks when users open malicious files. An attacker can crash the application to disrupt workflow, though no patch is currently available. User interaction is required for exploitation.

Adobe Buffer Overflow Heap Overflow Denial Of Service Indesign
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21357 HIGH This Week

Arbitrary code execution in Adobe InDesign versions 21.1, 20.5.1, and earlier through a heap buffer overflow vulnerability triggered by opening a malicious file. The vulnerability requires user interaction and executes with the privileges of the current user, with no patch currently available. Local attackers can leverage this to achieve code execution on affected systems.

Adobe Buffer Overflow Heap Overflow Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21259 HIGH PATCH This Week

Privilege escalation in Microsoft Office Excel (including 365 Apps and Long Term Servicing Channel) via heap-based buffer overflow allows local attackers with user interaction to gain elevated system privileges. The vulnerability affects multiple Office product lines and currently lacks a security patch. With a CVSS score of 7.8, this poses a significant risk to organizations using affected Excel versions.

Microsoft Buffer Overflow Heap Overflow Office Long Term Servicing Channel 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21248 HIGH POC PATCH This Week

Heap overflow in Windows Hyper-V enables authenticated local users to achieve arbitrary code execution with high privileges on affected Windows and Windows Server systems. An attacker with local access and user-level permissions can trigger memory corruption through user interaction to compromise system integrity and confidentiality. This vulnerability affects Windows 10 1809, Windows Server 2025, and related Hyper-V implementations with no patch currently available.

Windows Hyper-V Buffer Overflow Heap Overflow Windows Server 2025 +12
NVD Exploit-DB VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-21246 HIGH PATCH This Week

Privilege escalation in Microsoft Graphics Component on Windows 11 24H2 and Windows 10 21H2 exploits a heap buffer overflow to allow authenticated local attackers to gain system-level access. The vulnerability requires local access and user interaction is not required, presenting a significant risk in multi-user environments. No patch is currently available.

Microsoft Industrial Buffer Overflow Heap Overflow Windows 11 24h2 +12
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21245 HIGH PATCH This Week

Windows Kernel heap overflow in Windows 11 25h2 and Windows Server 2025 enables authenticated local attackers to achieve privilege escalation with high impact on confidentiality, integrity, and availability. The vulnerability requires local access and user privileges but no user interaction, making it a practical attack vector for lateral movement within systems. No patch is currently available, leaving affected systems exposed until remediation is released.

Linux Windows Buffer Overflow Heap Overflow Windows 11 25h2 +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21244 HIGH POC PATCH This Week

Heap overflow in Windows Hyper-V enables authenticated local users to achieve arbitrary code execution with high privileges (CVSS 7.3). Exploitation requires user interaction and local system access, affecting Windows 10 1809 and Windows Server 2025. No patch is currently available.

Windows Hyper-V Buffer Overflow Heap Overflow Windows 10 1809 +12
NVD Exploit-DB VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-21239 HIGH PATCH This Week

Privilege escalation via heap buffer overflow in Windows Kernel (Windows 10 21H2, Windows Server 2016) allows authenticated local users to gain elevated system privileges. The vulnerability requires local access and user-level permissions, making it exploitable by authorized account holders to bypass security boundaries. No patch is currently available for this issue.

Linux Windows Buffer Overflow Heap Overflow Windows 10 21h2 +13
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21236 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock contains a heap buffer overflow vulnerability that enables authenticated local users to achieve privilege escalation on affected Windows 10 and Server 2012 systems. An attacker with valid user credentials can exploit this memory corruption flaw to execute arbitrary code with elevated privileges. No patch is currently available for this vulnerability.

Windows Buffer Overflow Heap Overflow Windows 10 1607 Windows 10 21h2 +12
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23719 HIGH This Week

Heap-based buffer overflow in Simcenter Femap and Nastran versions prior to V2512 allows local attackers to achieve arbitrary code execution by crafting malicious NDB files. The vulnerability requires user interaction to trigger and affects all current versions of both products. No patch is currently available, leaving affected systems at risk of privilege escalation and system compromise.

Buffer Overflow Heap Overflow Simcenter Femap Simcenter Nastran
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25749 MEDIUM POC PATCH This Month

Heap buffer overflow in Vim's tag file resolution allows local attackers with user privileges to corrupt heap memory and crash the application or potentially execute code by supplying a malicious 'helpfile' option value. The vulnerability exists in the get_tagfname() function which fails to validate the length of user-controlled input before copying it into a fixed-size buffer. Public exploit code exists for this issue affecting Vim prior to version 9.1.2132, though a patch is available.

Buffer Overflow Heap Overflow Vim
NVD GitHub VulDB
CVSS 3.1
6.6
EPSS
0.0%
CVE-2026-24925 HIGH This Week

Heap-based buffer overflow vulnerability in the image module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 7.3 HIGH]

Buffer Overflow Heap Overflow Harmonyos
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-65079 This Week

A heap-based buffer overflow vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Buffer Overflow Heap Overflow
NVD
EPSS
0.1%
CVE-2025-62673 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-62405 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-62404 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-61983 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-61944 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-59487 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-59482 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-58455 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-58077 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted set of network packets containing an excessive number of host entries This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2026-22780 MEDIUM PATCH This Month

Rizin versions up to 0.8.2 is affected by allocation of resources without limits or throttling (CVSS 4.4).

Heap Overflow Rizin Suse
NVD GitHub
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-25068 Monitor

alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder.

Buffer Overflow Heap Overflow Denial Of Service
NVD GitHub
EPSS
0.0%
CVE-2026-23567 MEDIUM This Month

Denial-of-service in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to crash the NomadBranch.exe service by sending specially crafted UDP packets that trigger a heap buffer overflow. The vulnerability stems from an integer underflow in the UDP command handler that can be exploited without authentication or user interaction. Currently, no patch is available and the attack requires network adjacency to the affected system.

Windows Buffer Overflow Heap Overflow Integer Overflow Denial Of Service +1
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24829 MEDIUM This Month

Heap-based buffer overflow in is-Engine before version 3.3.4 allows remote attackers to cause denial of service through out-of-bounds memory writes. The vulnerability requires user interaction and network access but has no patch currently available. Affected installations should upgrade to version 3.3.4 or later to mitigate this denial of service risk.

Buffer Overflow Heap Overflow
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-24822 This Week

Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper (src modules). This vulnerability is associated with program files mongoose.C.

Buffer Overflow Heap Overflow
NVD GitHub
EPSS
0.1%
CVE-2026-1283 HIGH This Week

Arbitrary code execution in SOLIDWORKS eDrawings 2025-2026 via heap overflow when parsing malicious EPRT files allows attackers to gain full system compromise upon user interaction. The vulnerability requires local file access and user action to trigger, making it a significant risk for organizations using affected SOLIDWORKS versions. No patch is currently available.

Buffer Overflow Heap Overflow
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0793 CRITICAL Act Now

ALGO 8180 has a heap-based buffer overflow in InformaCast message processing enabling remote code execution through the emergency notification protocol.

Golang RCE Buffer Overflow Heap Overflow 8180 Ip Audio Alerter Firmware
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-15059 HIGH PATCH This Week

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. [CVSS 7.8 HIGH]

RCE Buffer Overflow Heap Overflow Gimp
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-23876 CRITICAL POC PATCH Act Now

Heap buffer overflow in ImageMagick's XBM image decoder (ReadXBMImage) lets remote attackers write attacker-controlled data past an allocated heap buffer by submitting a maliciously crafted XBM file, affecting all versions prior to 7.1.2-13 and 6.9.13-38. Because any read or identify operation triggers the flaw, it is reachable through ordinary image upload and conversion pipelines, raising the risk of memory corruption and potential remote code execution. Publicly available exploit code exists and a vendor patch is available, though EPSS exploitation probability remains low (0.08%) and it is not listed in CISA KEV.

Buffer Overflow Imagemagick Heap Overflow
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-23534 HIGH POC PATCH This Week

Denial of service (and potential code execution) in FreeRDP RDP clients before 3.21.0 lets a malicious or compromised RDP server overflow a client-side heap buffer during ClearCodec band decoding. By supplying crafted band coordinates that drive writes past the destination surface buffer, the server crashes the connecting client and may corrupt the heap. Publicly available exploit code exists; EPSS is low (0.15%, 35th percentile) and the issue is not in CISA KEV, indicating no confirmed active exploitation.

Buffer Overflow Freerdp Heap Overflow
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.1%
CVE-2026-23533 HIGH POC PATCH This Week

Denial of service and potential remote code execution in the FreeRDP client (all versions prior to 3.21.0) stems from a heap buffer overflow in the RDPGFX ClearCodec decoder (libfreerdp/codec/clear.c). A malicious or compromised RDP server can send crafted residual data that triggers out-of-bounds heap writes during color output on the connecting client, crashing it and potentially corrupting the heap. Publicly available exploit code exists and the GitHub advisory marks it exploitable, but the EPSS probability is low (0.15%, 35th percentile) and it is not listed in CISA KEV.

Buffer Overflow Freerdp Heap Overflow
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.1%
CVE-2026-23532 HIGH POC PATCH This Week

Denial of service and potential heap corruption in the FreeRDP client (all versions prior to 3.21.0) arises in the graphics pipeline's gdi_SurfaceToSurface path, where destination-rectangle clamping does not match the actual copy size. A malicious or compromised RDP server can drive a connected client into a heap buffer overflow, reliably crashing it and, depending on allocator state and heap layout, opening a path to code execution. Publicly available exploit code exists, but EPSS exploitation probability is low (0.13%, 33rd percentile) and the issue is not listed in CISA KEV.

Buffer Overflow Freerdp Heap Overflow
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.1%
CVE-2026-23531 HIGH POC PATCH This Week

Client-side heap buffer overflow in FreeRDP's ClearCodec decoder (versions prior to 3.21.0) lets a malicious or compromised RDP server corrupt a connecting client's memory. When `glyphData` is present, `clear_decompress` invokes `freerdp_image_copy_no_overlap` without validating the destination rectangle, producing an out-of-bounds read/write via crafted RDPGFX surface updates. Publicly available exploit code exists (per the GitHub Security Advisory), but it is not listed in CISA KEV and EPSS is low (0.13%, 33th percentile); confirmed impact is denial of service with a residual, allocator-dependent code-execution risk.

Buffer Overflow Freerdp Heap Overflow
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.1%
CVE-2026-23530 HIGH POC PATCH This Week

Client-side heap buffer overflow in FreeRDP before version 3.21.0 lets a malicious or compromised RDP server crash connecting clients and potentially corrupt heap memory. The flaw lives in the planar codec's `freerdp_bitmap_decompress_planar`, which fails to bound-check decoded bitmap dimensions before RLE decompression, yielding a denial-of-service with a speculative code-execution path. Publicly available exploit code exists via the GitHub Security Advisory, though EPSS exploitation probability remains low (0.15%) and it is not on CISA KEV.

Buffer Overflow Freerdp Heap Overflow
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.1%
CVE-2025-62291 HIGH PATCH This Week

In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow. [CVSS 8.1 HIGH]

Buffer Overflow Heap Overflow Integer Overflow Red Hat Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-70303 MEDIUM POC This Month

A heap overflow in the uncv_parse_config() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. [CVSS 5.5 MEDIUM]

Heap Overflow Denial Of Service Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-70302 MEDIUM POC This Month

A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 5.5 MEDIUM]

Heap Overflow Denial Of Service Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-70299 MEDIUM POC This Month

A heap overflow in the avi_parse_input_file() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file. [CVSS 6.5 MEDIUM]

Heap Overflow Denial Of Service Gpac
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-70310 MEDIUM POC This Month

A heap overflow in the vorbis_to_intern() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .ogg file. [CVSS 5.5 MEDIUM]

Heap Overflow Denial Of Service Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-22861 HIGH POC PATCH This Week

Memory corruption in iccDEV library versions before 2.3.1.2 allows remote attackers to achieve code execution via maliciously crafted ICC color profiles, affecting users who process untrusted profile data. Public exploit code exists for this vulnerability. Organizations using iccDEV should upgrade to version 2.3.1.2 immediately.

Buffer Overflow Heap Overflow Iccdev
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap-based buffer overflow vulnerability in GStreamer's ASF Demuxer component that allows remote attackers to execute arbitrary code when processing malicious ASF media files. The vulnerability requires user interaction (opening/processing a malicious file) and affects all versions of GStreamer based on the CPE data. No evidence of active exploitation (not in KEV) or public proof-of-concept exists, though Zero Day Initiative tracked it as ZDI-CAN-28843.

Buffer Overflow RCE Heap Overflow +1
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge devices that allows network-adjacent attackers to execute arbitrary code through malformed PUT requests to the HomeKit Accessory Protocol (HAP) characteristics endpoint. While authentication is normally required, the advisory notes the authentication mechanism can be bypassed, effectively allowing unauthenticated remote code execution. No EPSS score or KEV listing is available, suggesting this is not currently being exploited in the wild.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge's HomeKit implementation that allows unauthenticated network-adjacent attackers to execute arbitrary code. The vulnerability affects all versions of Philips Hue Bridge (CPE indicates no version restrictions) through the hk_hap_pair_storage_put function on TCP port 8080. No EPSS data or KEV listing is available, and while ZDI has published an advisory, no public POC or active exploitation has been reported.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based buffer overflow vulnerability in Philips Hue Bridge devices that allows network-adjacent attackers with authentication (which can be bypassed) to achieve remote code execution as root. The vulnerability affects the HomeKit Accessory Protocol (HAP) implementation on TCP port 8080 and has a high CVSS score of 8.0, though no active exploitation or public PoC has been reported.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Critical heap-based buffer overflow vulnerability in Philips Hue Bridge's HomeKit implementation that allows network-adjacent attackers to execute arbitrary code without authentication. The vulnerability affects all versions of Philips Hue Bridge (CPE indicates no version restriction) and stems from improper input validation in the hk_hap_pair_storage_put function. No active exploitation (not in KEV) or EPSS score is reported, but the high CVSS score (8.8) and RCE capability make this a significant threat for local network attackers.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based buffer overflow vulnerability in the Philips Hue Bridge's Zigbee stack that allows network-adjacent attackers to execute arbitrary code when users initiate device pairing. The vulnerability affects all versions of Philips Hue Bridge and has a CVSS score of 8.0, requiring physical proximity and user interaction to exploit. No EPSS data or KEV listing is available, suggesting this is not actively exploited in the wild.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

Heap buffer overflow in FreeRDP's NSCodec surface-bits handler (versions prior to 3.24.0) lets a malicious or compromised RDP server corrupt heap memory on connecting clients. The gdi_surface_bits() path passes server-supplied bmp.width and bmp.height into nsc_process_message() without validating them against the actual desktop dimensions, and because the attacker also controls the decoded pixel data, the out-of-bounds write can overwrite adjacent heap allocations with attacker-chosen bytes - a potential path to remote code execution. EPSS is low (0.04%, 13th percentile) and there is no public exploit identified at time of analysis.

Buffer Overflow Heap Overflow Freerdp
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Heap buffer overflow vulnerability in LibreDWG versions v0.13.3.7571 up to v0.13.3.7835 allows a crafted DWG file to cause a Denial of Service (DoS) via the function decompress_R2004_section at decode.c.

Buffer Overflow Denial Of Service Heap Overflow +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Local attackers can achieve heap buffer overflow in llama.cpp versions before b8146 through integer overflow in the GGUF file parsing function, enabling arbitrary code execution with high integrity and confidentiality impact. The vulnerability stems from undersized heap allocation followed by unvalidated writes of over 528 bytes of attacker-controlled data, bypassing a previous fix for the same component. This affects systems running vulnerable LLM inference implementations on local machines where user interaction is required to trigger the malicious GGUF file processing.

Buffer Overflow Heap Overflow Llama Cpp
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap buffer overflow in Skia in Google Chrome versions up to 146.0.7680.71 is affected by heap-based buffer overflow (CVSS 8.8).

Buffer Overflow Heap Overflow Chrome +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap buffer overflow in WebML in Google Chrome versions up to 146.0.7680.71 is affected by heap-based buffer overflow (CVSS 8.8).

Google Buffer Overflow Heap Overflow +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap buffer overflow in WebML in Google Chrome versions up to 146.0.7680.71 is affected by heap-based buffer overflow (CVSS 8.8).

Google Buffer Overflow Heap Overflow +4
NVD VulDB
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

ImageMagick is free and open-source software used for editing and manipulating digital images. versions up to 7.1.2-16 is affected by heap-based buffer overflow (CVSS 5.7).

Buffer Overflow Heap Overflow Imagemagick +2
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Heap buffer overflow in Adobe Illustrator 29.8.4 and 30.1 allows arbitrary code execution under the current user's privileges when opening a malicious file. The vulnerability requires user interaction but carries no patch availability, leaving affected systems at risk. An attacker can achieve code execution by crafting and distributing a malicious document that triggers the memory corruption flaw.

Adobe Buffer Overflow Heap Overflow +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Firefox for Android versions prior to 148.0.2 contain a heap buffer overflow in the audio/video playback component that allows remote code execution, information disclosure, and denial of service through a malicious media file requiring user interaction. The vulnerability affects all Firefox for Android users and currently lacks a publicly available patch. An attacker can achieve complete system compromise by crafting a specially crafted video or audio file that triggers the buffer overflow when played.

Buffer Overflow Mozilla Heap Overflow +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

iccDEV provides a set of libraries and tools for working with ICC color management profiles. versions up to 2.3.1.5 is affected by heap-based buffer overflow (CVSS 7.8).

Buffer Overflow Heap Overflow Iccdev
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

iccDEV provides a set of libraries and tools for working with ICC color management profiles. versions up to 2.3.1.5 is affected by heap-based buffer overflow (CVSS 6.1).

Buffer Overflow Heap Overflow Iccdev
NVD GitHub VulDB
EPSS 0% CVSS 8.0
HIGH POC PATCH This Week

Remote code execution in Windows RRAS across Server 2016, 2022, and 2025 via an integer overflow vulnerability allows authenticated attackers to execute arbitrary code over the network with high privileges. Public exploit code exists for this vulnerability, and no patch is currently available. Authenticated users with network access can trigger the vulnerability through a simple interaction to gain complete system compromise.

Buffer Overflow Heap Overflow Microsoft +6
NVD VulDB GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap buffer overflow in Microsoft Office Excel enables local code execution with high integrity and confidentiality impact affecting Office, Office Online Server, and 365 Apps. An attacker with user interaction can achieve arbitrary code execution in the context of the affected application. No patch is currently available for this vulnerability.

Microsoft Buffer Overflow Heap Overflow +5
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in Windows Telephony Service through heap buffer overflow affects Windows 10 1607, Windows 11 25h2, and Windows Server 2012, allowing adjacent network attackers to gain elevated system access without authentication. The vulnerability has a high CVSS score of 8.8 but currently lacks a patch, creating significant risk for exposed systems. Exploitation requires network proximity but no user interaction.

Buffer Overflow Heap Overflow Microsoft +15
NVD VulDB
EPSS 0% CVSS 8.0
HIGH POC PATCH This Week

Remote code execution in Windows RRAS affects Windows 10 1607 and Windows Server 2022 23h2 through an integer overflow vulnerability exploitable by authenticated network attackers. Public exploit code exists for this vulnerability, enabling authenticated users to execute arbitrary code with high integrity and confidentiality impact. No patch is currently available, making this a critical exposure for affected Windows environments.

Microsoft Buffer Overflow Heap Overflow +15
NVD VulDB GitHub
EPSS 0% CVSS 8.0
HIGH POC PATCH This Week

Remote code execution in Windows Routing and Remote Access Service (RRAS) across Windows Server 2012, 2022, and 2022 23h2 stems from an integer overflow vulnerability that authenticated network attackers can exploit with user interaction. Public exploit code exists for this vulnerability, enabling attackers to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available.

Microsoft Buffer Overflow Heap Overflow +7
NVD VulDB GitHub
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Arbitrary code execution in Windows 10 (versions 21H2 and 22H2) via heap buffer overflow in Mobile Broadband functionality requires physical access to a target device. An attacker with direct hardware access can trigger memory corruption to achieve kernel-level code execution with full system privileges. No patch is currently available for this vulnerability.

Buffer Overflow Heap Overflow Microsoft +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in Windows 11 (24h2, 26h1) and Windows Server 2022 (23h2) via heap overflow allows authenticated local users to gain system-level access. The vulnerability requires valid credentials but no user interaction, making it a direct path to complete system compromise. No patch is currently available.

Buffer Overflow Heap Overflow Microsoft +6
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Azure Linux Virtual Machines results from a heap-based buffer overflow that authenticated local users can exploit to gain elevated system access. An attacker with valid credentials can trigger memory corruption to bypass privilege restrictions and assume administrative control of the affected virtual machine. No patch is currently available, making this a critical risk for organizations running Azure Linux infrastructure.

Buffer Overflow Heap Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of bounds heap write can occur.

Buffer Overflow Microsoft Heap Overflow +4
NVD GitHub VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Medium severity vulnerability in ImageMagick. A heap-based buffer overflow in the UHDR encoder can happen due to truncation of a value and it would allow an out of bounds write.

Buffer Overflow Heap Overflow Imagemagick +2
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Insecure embedded library in UnQLite 0.06 Perl module.

Heap Overflow Unqlite
NVD
EPSS 0% CVSS 6.8
MEDIUM POC PATCH This Month

Heap buffer overflow in dr_libs 0.14.4 and earlier allows attackers to corrupt memory by supplying maliciously crafted WAV files to any application using drwav_init_*_with_metadata() functions. The vulnerability exploits inconsistent validation of sample loop counts between processing passes, enabling 36 bytes of attacker-controlled data to overflow heap allocations. Public exploit code exists for this vulnerability.

Buffer Overflow Heap Overflow Dr Libs
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Heap overflow in libbiosig 3.9.2 Intan CLP parsing. PoC available.

Buffer Overflow Heap Overflow Libbiosig
NVD
EPSS 0% CVSS 8.1
HIGH POC This Week

Arbitrary code execution in libbiosig 3.9.2 and Master Branch can be triggered by parsing malicious Nicolet WFT files through a heap buffer overflow in the WFT parsing functionality. An attacker can exploit this vulnerability by supplying a crafted .wft file to execute arbitrary code on affected systems. Public exploit code exists for this vulnerability, though no patch is currently available.

Buffer Overflow Heap Overflow Libbiosig
NVD
EPSS 0% CVSS 4.4
MEDIUM POC PATCH This Month

Vim versions prior to 9.2.0076 contain a heap buffer overflow and out-of-bounds read vulnerability in the terminal emulator when handling Unicode combining characters from supplementary planes, allowing a local attacker with user interaction to cause memory corruption and denial of service. The vulnerability requires local access and user interaction to trigger, with no confidentiality impact but potential integrity and availability consequences. A patch is available in version 9.2.0076 and later.

Buffer Overflow Heap Overflow Vim +2
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Vim versions prior to 9.2.0075 contain a heap buffer underflow in the tags file parser that triggers when processing malformed tag files with delimiters at line starts, potentially allowing local attackers with user interaction to read out-of-bounds memory and cause information disclosure or crashes. The vulnerability requires local file system access and user interaction to exploit, with a CVSS score of 5.3 indicating medium severity. A patch is available in Vim 9.2.0075 and later versions.

Heap Overflow Vim Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Vim versions prior to 9.2.0074 contain a heap buffer overflow in the Emacs-style tags file parser that allows reading up to 7 bytes of out-of-bounds memory when processing malformed tags files. A local attacker can trigger this vulnerability through a crafted tags file to leak sensitive information from the application's memory. The vulnerability has been patched in version 9.2.0074 and later.

Buffer Overflow Heap Overflow Vim +2
NVD GitHub VulDB
EPSS 0% CVSS 7.2
HIGH This Week

Heap-based buffer overflow in Golioth Pouch 0.1.0 (prior to commit 1b2219a1) lets an adjacent, unauthenticated BLE client corrupt device memory through the GATT server-certificate characteristic. The server_cert_write() handler sizes a heap buffer once on the first fragment but appends later fragments with memcpy() and no bounds check, so an oversized fragmented write overflows the allocation, crashing the device and potentially corrupting adjacent heap data. EPSS is negligible (0.01%, 3rd percentile) and there is no public exploit identified at time of analysis, but the flaw is remotely reachable within BLE range without credentials.

Buffer Overflow Heap Overflow
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Heap buffer over-read vulnerability in rldns DNS server version 1.3 allows remote attackers to trigger denial of service without authentication or user interaction. The flaw enables reading beyond allocated memory boundaries, causing the service to crash. Version 1.4 addresses this issue, though no patch is currently available for affected 1.3 deployments.

DNS Heap Overflow Denial Of Service
NVD GitHub
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Integer overflow in ImageMagick's UHDR image decoder allows remote attackers to trigger heap buffer overflows by supplying specially crafted images with large dimensions, potentially crashing the application or corrupting heap memory. The vulnerability affects ImageMagick versions prior to 7.1.2-15 and requires no user interaction or authentication to exploit. Organizations using vulnerable versions should upgrade immediately, as no workaround is available.

Imagemagick Buffer Overflow Heap Overflow
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

free5GC go-upf is the User Plane Function (UPF) implementation for 5G networks that is part of the free5GC project. Versions prior to 1.2.8 have a Heap-based Buffer Overflow (CWE-122) vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]

Buffer Overflow Heap Overflow Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 7.2
HIGH PATCH This Week

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. [CVSS 7.2 HIGH]

RCE Buffer Overflow Heap Overflow +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

The SAIL image library contains a heap buffer overflow in its XWD file parser that fails to validate the bytes_per_line value read from untrusted files, allowing attackers to trigger out-of-bounds memory writes during image processing. Public exploit code exists for this vulnerability affecting all versions of SAIL. No patch is currently available, leaving users of this cross-platform image loading library exposed to potential code execution or denial of service attacks.

Buffer Overflow Heap Overflow Sail
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Remote code execution in GIMP through heap buffer overflow during ICNS file parsing allows attackers to execute arbitrary code when a user opens a malicious image file. The vulnerability stems from insufficient validation of user-supplied data lengths before copying to heap memory, requiring only user interaction to trigger. A patch is available for affected installations.

RCE Buffer Overflow Heap Overflow +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in GIMP 3.2.0-rc1 lets attackers run arbitrary code by tricking a user into opening a malicious ICO image file or visiting a page that delivers one. The flaw is a heap-based buffer overflow in the ICO file parser caused by missing length validation before a copy operation, and it executes code in the context of the GIMP process. No public exploit has been identified at time of analysis, and EPSS estimates exploitation probability at just 0.06% (19th percentile), consistent with a user-interaction-gated client-side bug rather than mass-exploited infrastructure.

RCE Buffer Overflow Heap Overflow +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

PJSIP versions 2.16 and below contain a heap buffer overflow in the H.264 video unpacketizer that fails to properly validate NAL unit size fields in malformed SRTP packets, allowing remote attackers to trigger memory corruption on systems receiving H.264 video streams. The vulnerability has a CVSS score of 5.3 and enables information disclosure through heap memory access. A patch is available for affected deployments.

Github Buffer Overflow Heap Overflow +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Heap buffer overflow in HDF5 versions prior to 1.14.4-2 allows attackers to trigger denial-of-service or potentially achieve code execution by crafting malicious h5 files. The vulnerability affects any system parsing untrusted HDF5 data files and has public exploit code available. A patch is not yet available, leaving affected deployments at risk.

RCE Buffer Overflow Heap Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap buffer overflow in libvpx affects Firefox and Thunderbird across multiple versions, enabling remote code execution when a user interacts with malicious content. An unauthenticated attacker can exploit this vulnerability over the network without special privileges to achieve complete system compromise including data theft and integrity violations. No patch is currently available, making this a critical risk for affected users.

Buffer Overflow Mozilla Heap Overflow +1
NVD VulDB
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Heap buffer overflow in the pg_trgm extension of PostgreSQL 18.0 and 18.1 allows authenticated database users to trigger memory corruption through specially crafted input strings. An attacker with database access could potentially achieve privilege escalation or cause service disruption, though exploit complexity is currently limited by restricted control over written data. No patch is currently available.

PostgreSQL Buffer Overflow Privilege Escalation +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Arbitrary code execution in PostgreSQL pgcrypto module (versions before 14.21, 15.16, 16.12, 17.8, and 18.2) stems from a heap buffer overflow that allows attackers with database access to execute commands with the privileges of the PostgreSQL system user. An authenticated attacker can exploit this vulnerability by providing specially crafted ciphertext to trigger the overflow condition. No patch is currently available, leaving affected PostgreSQL installations vulnerable to privilege escalation and full system compromise.

PostgreSQL Buffer Overflow Heap Overflow +1
NVD VulDB
EPSS 0% CVSS 8.3
HIGH POC PATCH This Week

Denial of service (with limited memory disclosure) in libpng before 1.6.55 lets an attacker supply a specially crafted but spec-valid PNG that, when processed via the png_set_quantize() API, traps the library in an infinite loop reading past the end of an internal heap buffer. Affects any application that links libpng and calls png_set_quantize() without a histogram while the palette holds more than twice the colors the display supports. Publicly available exploit code exists; EPSS is low (0.06%, 19th percentile) and it is not on CISA KEV, so widespread exploitation is not currently indicated.

Buffer Overflow Denial Of Service Libpng +1
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

InDesign versions 21.1, 20.5.1 and earlier contain a heap buffer overflow that enables local denial-of-service attacks when users open malicious files. An attacker can crash the application to disrupt workflow, though no patch is currently available. User interaction is required for exploitation.

Adobe Buffer Overflow Heap Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe InDesign versions 21.1, 20.5.1, and earlier through a heap buffer overflow vulnerability triggered by opening a malicious file. The vulnerability requires user interaction and executes with the privileges of the current user, with no patch currently available. Local attackers can leverage this to achieve code execution on affected systems.

Adobe Buffer Overflow Heap Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Microsoft Office Excel (including 365 Apps and Long Term Servicing Channel) via heap-based buffer overflow allows local attackers with user interaction to gain elevated system privileges. The vulnerability affects multiple Office product lines and currently lacks a security patch. With a CVSS score of 7.8, this poses a significant risk to organizations using affected Excel versions.

Microsoft Buffer Overflow Heap Overflow +5
NVD
EPSS 0% CVSS 7.3
HIGH POC PATCH This Week

Heap overflow in Windows Hyper-V enables authenticated local users to achieve arbitrary code execution with high privileges on affected Windows and Windows Server systems. An attacker with local access and user-level permissions can trigger memory corruption through user interaction to compromise system integrity and confidentiality. This vulnerability affects Windows 10 1809, Windows Server 2025, and related Hyper-V implementations with no patch currently available.

Windows Hyper-V Buffer Overflow +14
NVD Exploit-DB VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Microsoft Graphics Component on Windows 11 24H2 and Windows 10 21H2 exploits a heap buffer overflow to allow authenticated local attackers to gain system-level access. The vulnerability requires local access and user interaction is not required, presenting a significant risk in multi-user environments. No patch is currently available.

Microsoft Industrial Buffer Overflow +14
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel heap overflow in Windows 11 25h2 and Windows Server 2025 enables authenticated local attackers to achieve privilege escalation with high impact on confidentiality, integrity, and availability. The vulnerability requires local access and user privileges but no user interaction, making it a practical attack vector for lateral movement within systems. No patch is currently available, leaving affected systems exposed until remediation is released.

Linux Windows Buffer Overflow +5
NVD
EPSS 0% CVSS 7.3
HIGH POC PATCH This Week

Heap overflow in Windows Hyper-V enables authenticated local users to achieve arbitrary code execution with high privileges (CVSS 7.3). Exploitation requires user interaction and local system access, affecting Windows 10 1809 and Windows Server 2025. No patch is currently available.

Windows Hyper-V Buffer Overflow +14
NVD Exploit-DB VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation via heap buffer overflow in Windows Kernel (Windows 10 21H2, Windows Server 2016) allows authenticated local users to gain elevated system privileges. The vulnerability requires local access and user-level permissions, making it exploitable by authorized account holders to bypass security boundaries. No patch is currently available for this issue.

Linux Windows Buffer Overflow +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock contains a heap buffer overflow vulnerability that enables authenticated local users to achieve privilege escalation on affected Windows 10 and Server 2012 systems. An attacker with valid user credentials can exploit this memory corruption flaw to execute arbitrary code with elevated privileges. No patch is currently available for this vulnerability.

Windows Buffer Overflow Heap Overflow +14
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Heap-based buffer overflow in Simcenter Femap and Nastran versions prior to V2512 allows local attackers to achieve arbitrary code execution by crafting malicious NDB files. The vulnerability requires user interaction to trigger and affects all current versions of both products. No patch is currently available, leaving affected systems at risk of privilege escalation and system compromise.

Buffer Overflow Heap Overflow Simcenter Femap +1
NVD
EPSS 0% CVSS 6.6
MEDIUM POC PATCH This Month

Heap buffer overflow in Vim's tag file resolution allows local attackers with user privileges to corrupt heap memory and crash the application or potentially execute code by supplying a malicious 'helpfile' option value. The vulnerability exists in the get_tagfname() function which fails to validate the length of user-controlled input before copying it into a fixed-size buffer. Public exploit code exists for this issue affecting Vim prior to version 9.1.2132, though a patch is available.

Buffer Overflow Heap Overflow Vim
NVD GitHub VulDB
EPSS 0% CVSS 7.3
HIGH This Week

Heap-based buffer overflow vulnerability in the image module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 7.3 HIGH]

Buffer Overflow Heap Overflow Harmonyos
NVD
EPSS 0%
This Week

A heap-based buffer overflow vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Buffer Overflow Heap Overflow
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted set of network packets containing an excessive number of host entries This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Rizin versions up to 0.8.2 is affected by allocation of resources without limits or throttling (CVSS 4.4).

Heap Overflow Rizin Suse
NVD GitHub
EPSS 0%
Monitor

alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder.

Buffer Overflow Heap Overflow Denial Of Service
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

Denial-of-service in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to crash the NomadBranch.exe service by sending specially crafted UDP packets that trigger a heap buffer overflow. The vulnerability stems from an integer underflow in the UDP command handler that can be exploited without authentication or user interaction. Currently, no patch is available and the attack requires network adjacency to the affected system.

Windows Buffer Overflow Heap Overflow +3
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Heap-based buffer overflow in is-Engine before version 3.3.4 allows remote attackers to cause denial of service through out-of-bounds memory writes. The vulnerability requires user interaction and network access but has no patch currently available. Affected installations should upgrade to version 3.3.4 or later to mitigate this denial of service risk.

Buffer Overflow Heap Overflow
NVD GitHub
EPSS 0%
This Week

Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper (src modules). This vulnerability is associated with program files mongoose.C.

Buffer Overflow Heap Overflow
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in SOLIDWORKS eDrawings 2025-2026 via heap overflow when parsing malicious EPRT files allows attackers to gain full system compromise upon user interaction. The vulnerability requires local file access and user action to trigger, making it a significant risk for organizations using affected SOLIDWORKS versions. No patch is currently available.

Buffer Overflow Heap Overflow
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

ALGO 8180 has a heap-based buffer overflow in InformaCast message processing enabling remote code execution through the emergency notification protocol.

Golang RCE Buffer Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. [CVSS 7.8 HIGH]

RCE Buffer Overflow Heap Overflow +1
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Heap buffer overflow in ImageMagick's XBM image decoder (ReadXBMImage) lets remote attackers write attacker-controlled data past an allocated heap buffer by submitting a maliciously crafted XBM file, affecting all versions prior to 7.1.2-13 and 6.9.13-38. Because any read or identify operation triggers the flaw, it is reachable through ordinary image upload and conversion pipelines, raising the risk of memory corruption and potential remote code execution. Publicly available exploit code exists and a vendor patch is available, though EPSS exploitation probability remains low (0.08%) and it is not listed in CISA KEV.

Buffer Overflow Imagemagick Heap Overflow
NVD GitHub VulDB
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Denial of service (and potential code execution) in FreeRDP RDP clients before 3.21.0 lets a malicious or compromised RDP server overflow a client-side heap buffer during ClearCodec band decoding. By supplying crafted band coordinates that drive writes past the destination surface buffer, the server crashes the connecting client and may corrupt the heap. Publicly available exploit code exists; EPSS is low (0.15%, 35th percentile) and the issue is not in CISA KEV, indicating no confirmed active exploitation.

Buffer Overflow Freerdp Heap Overflow
NVD GitHub VulDB
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Denial of service and potential remote code execution in the FreeRDP client (all versions prior to 3.21.0) stems from a heap buffer overflow in the RDPGFX ClearCodec decoder (libfreerdp/codec/clear.c). A malicious or compromised RDP server can send crafted residual data that triggers out-of-bounds heap writes during color output on the connecting client, crashing it and potentially corrupting the heap. Publicly available exploit code exists and the GitHub advisory marks it exploitable, but the EPSS probability is low (0.15%, 35th percentile) and it is not listed in CISA KEV.

Buffer Overflow Freerdp Heap Overflow
NVD GitHub VulDB
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Denial of service and potential heap corruption in the FreeRDP client (all versions prior to 3.21.0) arises in the graphics pipeline's gdi_SurfaceToSurface path, where destination-rectangle clamping does not match the actual copy size. A malicious or compromised RDP server can drive a connected client into a heap buffer overflow, reliably crashing it and, depending on allocator state and heap layout, opening a path to code execution. Publicly available exploit code exists, but EPSS exploitation probability is low (0.13%, 33rd percentile) and the issue is not listed in CISA KEV.

Buffer Overflow Freerdp Heap Overflow
NVD GitHub VulDB
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Client-side heap buffer overflow in FreeRDP's ClearCodec decoder (versions prior to 3.21.0) lets a malicious or compromised RDP server corrupt a connecting client's memory. When `glyphData` is present, `clear_decompress` invokes `freerdp_image_copy_no_overlap` without validating the destination rectangle, producing an out-of-bounds read/write via crafted RDPGFX surface updates. Publicly available exploit code exists (per the GitHub Security Advisory), but it is not listed in CISA KEV and EPSS is low (0.13%, 33th percentile); confirmed impact is denial of service with a residual, allocator-dependent code-execution risk.

Buffer Overflow Freerdp Heap Overflow
NVD GitHub VulDB
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Client-side heap buffer overflow in FreeRDP before version 3.21.0 lets a malicious or compromised RDP server crash connecting clients and potentially corrupt heap memory. The flaw lives in the planar codec's `freerdp_bitmap_decompress_planar`, which fails to bound-check decoded bitmap dimensions before RLE decompression, yielding a denial-of-service with a speculative code-execution path. Publicly available exploit code exists via the GitHub Security Advisory, though EPSS exploitation probability remains low (0.15%) and it is not on CISA KEV.

Buffer Overflow Freerdp Heap Overflow
NVD GitHub VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow. [CVSS 8.1 HIGH]

Buffer Overflow Heap Overflow Integer Overflow +2
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A heap overflow in the uncv_parse_config() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. [CVSS 5.5 MEDIUM]

Heap Overflow Denial Of Service Gpac
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. [CVSS 5.5 MEDIUM]

Heap Overflow Denial Of Service Gpac
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

A heap overflow in the avi_parse_input_file() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file. [CVSS 6.5 MEDIUM]

Heap Overflow Denial Of Service Gpac
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A heap overflow in the vorbis_to_intern() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .ogg file. [CVSS 5.5 MEDIUM]

Heap Overflow Denial Of Service Gpac
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Memory corruption in iccDEV library versions before 2.3.1.2 allows remote attackers to achieve code execution via maliciously crafted ICC color profiles, affecting users who process untrusted profile data. Public exploit code exists for this vulnerability. Organizations using iccDEV should upgrade to version 2.3.1.2 immediately.

Buffer Overflow Heap Overflow Iccdev
NVD GitHub
Prev Page 6 of 22 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy