CWE•Base•Draft•10 recent CVEs
CWE-681: Incorrect Conversion between Numeric Types
Description
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
Common consequences
- Other, Integrity → Unexpected State, Quality Degradation: The program could wind up using the wrong number and generate incorrect results. If the number is used to allocate resources or make a security decision, then this could introduce a vulnerability.
Potential mitigations
- Implementation: Avoid making conversions between numeric types. Always check for the allowed ranges.
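
The range check named in the mitigation, shown in C as an added example that is not part of the CWE entry: an unchecked long-to-int narrowing beside a checked one, plus a checked conversion of a signed count into an allocation size. The function names are hypothetical, the sample values are constructed, and the code assumes a 32-bit `int` and a 64-bit `long long`.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked narrowing: when v does not fit in int the result is
   implementation-defined (common compilers keep only the low bits). */
int narrow_unchecked(long long v) { return (int)v; }

/* Checked narrowing: reject anything outside [INT_MIN, INT_MAX]. */
bool narrow_checked(long long v, int *out) {
    if (v < INT_MIN || v > INT_MAX)
        return false;
    *out = (int)v;
    return true;
}

/* Checked conversion of a signed element count into a byte size for an
   allocation: rejects negative counts and products that overflow size_t. */
bool to_alloc_size(long long count, size_t elem, size_t *out) {
    if (count < 0 || elem == 0)
        return false;
    if ((unsigned long long)count > SIZE_MAX / elem)
        return false;
    *out = (size_t)count * elem;
    return true;
}

int main(void) {
    long long big = 4294967297LL;   /* constructed sample: 2^32 + 1 */
    int x = 0;
    size_t n = 0;

    printf("unchecked: %lld -> %d\n", big, narrow_unchecked(big));
    printf("checked:   %lld -> %s\n", big,
           narrow_checked(big, &x) ? "accepted" : "rejected");
    printf("alloc -1 elements: %s\n",
           to_alloc_size(-1, 4, &n) ? "accepted" : "rejected");
    if (to_alloc_size(10, 4, &n))
        printf("alloc 10 elements of 4 bytes: %zu bytes\n", n);
    return 0;
}
```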