VYPR

CWE-783

Operator Precedence Logic Error

BaseDraftLikelihood: Low

Description

The product uses an expression in which operator precedence causes incorrect logic to be used.

While often just a bug, operator precedence logic errors can have serious consequences if they are used in security-critical code, such as making an authentication decision.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (5)

  • CVE-2026-7270HigApr 30, 2026
    risk 0.51cvss 7.8epss 0.00

    An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers. The bug may be exploitable by an unprivileged user to obtain superuser privileges.

  • CVE-2026-0209MedApr 14, 2026
    risk 0.45cvss epss 0.00

    Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies earlier or later than configured.

  • CVE-2025-24210MedMar 31, 2025
    risk 0.36cvss 5.5epss 0.00

    A logic error was addressed with improved error handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Parsing an image may lead to disclosure of user…

  • CVE-2024-27886MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.4, macOS Ventura 13.7. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode.

  • CVE-2025-27512LowMar 17, 2025
    risk 0.07cvss epss 0.00

    Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the `zincati` system user to use the actions `org.projectatomic.rpmostree1.deploy` to deploy updates to the system and `org.projectatomic.rpmostree1.finalize-deployment` to reboot…