VYPR

CWE-197

Numeric Truncation Error

Abstraction: Base
Status: Incomplete
Likelihood: Low

Description

Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion.

When a primitive is cast to a smaller primitive, the high order bits of the large value are lost in the conversion, potentially resulting in an unexpected value that is not equal to the original value. This value may be required as an index into a buffer, a loop iterator, or simply necessary state data. In any case, the value cannot be trusted and the system will be in an undefined state. While this method may be employed viably to isolate the low bits of a value, this usage is rare, and truncation usually implies that an implementation error has occurred.
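The failure pattern described above, and spelled out in the LibreOffice entry below (a buffer sized from a count narrowed to 16 bits but filled from the full count), as an added C example that is not part of this page; the function names and the sample value 70000 are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked narrowing: the high-order bits of count are discarded and
   the result is count modulo 2^16, which may be far smaller than count. */
uint16_t narrow_unchecked(size_t count) {
    return (uint16_t)count;
}

/* Checked narrowing: only values that round-trip are accepted.
   Returns -1 when count does not fit in a uint16_t, else the value. */
int narrow_checked(size_t count) {
    if (count > UINT16_MAX) {
        return -1;            /* reject instead of silently wrapping */
    }
    return (int)(uint16_t)count;
}

/* Models the mismatch: the buffer is sized from the truncated count,
   the fill loop runs for the full count. Returns how many elements
   would be written past the end of the allocation (0 when consistent). */
size_t overrun_elements(size_t count_from_file) {
    size_t allocated = narrow_unchecked(count_from_file);
    return count_from_file > allocated ? count_from_file - allocated : 0;
}

int main(void) {
    size_t from_file = 70000;  /* constructed: exceeds UINT16_MAX (65535) */
    printf("unchecked: %zu -> %u\n", from_file, narrow_unchecked(from_file));
    printf("elements written past the buffer: %zu\n",
           overrun_elements(from_file));
    if (narrow_checked(from_file) < 0) {
        printf("checked: %zu rejected, out of range for uint16_t\n", from_file);
    }
    return 0;
}
```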

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (11)

  • CVE-2025-6965 (Critical), Jul 15, 2025
    risk 0.60, CVSS 9.8, EPSS 0.73

    There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.

  • CVE-2026-44823 (High), Jun 9, 2026
    risk 0.51, CVSS 7.8, EPSS 0.00

    Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  • CVE-2026-40409 (High), Jun 9, 2026
    risk 0.51, CVSS 7.8, EPSS 0.00

    Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

  • CVE-2026-40404 (High), Jun 9, 2026
    risk 0.51, CVSS 7.8, EPSS 0.00

    Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

  • CVE-2026-42944 (High), May 20, 2026
    risk 0.42, CVSS 7.5, EPSS 0.01

    NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options ('nsid', 'answer-cookie', 'pad-responses'…

  • CVE-2026-40380 (Medium), May 12, 2026
    risk 0.40, CVSS 6.2, EPSS 0.00

    Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack.

  • CVE-2026-6039 (Medium), Jun 15, 2026
    risk 0.35, CVSS n/a, EPSS 0.00

    LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken from the file was truncated to a 16-bit value when the point buffer was sized, while the full count was used to fill it, so…

  • CVE-2026-42371 (Medium), Apr 27, 2026
    risk 0.26, CVSS 5.1, EPSS 0.00

    uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.

  • CVE-2026-44927 (Low), May 8, 2026
    risk 0.12, CVSS 2.9, EPSS 0.00

    In uriparser before 1.0.2, there is pointer difference truncation to int in various places.

  • CVE-2025-10543, Dec 2, 2025
    risk 0.00, CVSS n/a, EPSS 0.00

    In Eclipse Paho Go MQTT v3.1 library (paho.mqtt.golang) versions <=1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server (for example, part of an…

  • CVE-2020-15202, Sep 25, 2020
    risk 0.00, CVSS n/a, EPSS 0.01

    In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However, there are several places in TensorFlow where a lambda taking `int` or `int32`…