CWE • Base • Draft • 20 recent CVEs
CWE-787: Out-of-bounds Write
Description
The product writes data past the end, or before the beginning, of the intended buffer.
Common consequences
- Integrity → Modify Memory, Execute Unauthorized Code or Commands: Write operations could cause memory corruption. In some cases, an adversary can modify control data such as return addresses in order to execute unexpected code.
- Availability → DoS: Crash, Exit, or Restart: Attempting to access out-of-range, invalid, or unauthorized memory could cause the product to crash.
- Other → Unexpected State: Subsequent write operations can produce undefined or unexpected results.
Potential mitigations
- Requirements
- Architecture and Design
- Operation, Build and Compilation
- Implementation
- Operation, Build and Compilation
- Operation
- Implementation: Replace unbounded copy functions with analogous functions that support length arguments, for example strcpy with strncpy. Create these if they are not available.
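The last mitigation above, shown as an added example that is not part of the CWE entry: an unbounded strcpy copy beside a bounded replacement. The names copy_bounded, set_name_unbounded and NAME_BUF_SIZE are hypothetical; the helper also covers the case where strncpy leaves the destination unterminated because the source fills the buffer.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 8   /* constructed buffer size for this example */

/* Before: strcpy() takes no length argument, so any src longer than
 * NAME_BUF_SIZE - 1 bytes is written past the end of dst (CWE-787).
 * Shown for contrast only; it is never called below. */
void set_name_unbounded(char dst[NAME_BUF_SIZE], const char *src)
{
    strcpy(dst, src);
}

/* After: hypothetical bounded helper. strncpy() limits the write to the
 * length it is given, but adds no terminator when src is that long or
 * longer, so the last byte is set explicitly and truncation is reported.
 * Returns 0 on a complete copy, 1 if truncated, -1 on bad arguments. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    strncpy(dst, src, dst_size - 1);   /* never touches dst[dst_size - 1] */
    dst[dst_size - 1] = '\0';          /* result is always terminated */
    return strlen(src) >= dst_size ? 1 : 0;
}

int main(void)
{
    char name[NAME_BUF_SIZE];
    const char *inputs[] = { "alice", "administrator" };  /* constructed */

    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int rc = copy_bounded(name, sizeof name, inputs[i]);
        printf("%-14s -> \"%s\" (%s)\n", inputs[i], name,
               rc == 1 ? "truncated" : "ok");
    }
    return 0;
}
```

Callers should treat a return value of 1 as an error or an explicit policy decision, since silently truncated data can cause its own logic faults.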
Related CWEs
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
Recent CVEs classified under this CWE
- CVE-2026-11690 (7.5), 2026-06-09
- CVE-2026-11672, 2026-06-09
- CVE-2026-11645 (8.8), 2026-06-09
- CVE-2026-48095 (8.8), 2026-06-05
- CVE-2026-10879 (9.8), 2026-06-05
- CVE-2026-50264 (7.8), 2026-06-05
- CVE-2026-11173 (8.8), 2026-06-04
- CVE-2026-11091 (8.8), 2026-06-04
- CVE-2026-11090 (6.5), 2026-06-04
- CVE-2026-11043 (9.6), 2026-06-04
- CVE-2026-11037 (9.6), 2026-06-04
- CVE-2026-10999 (6.5), 2026-06-04
- CVE-2026-10941 (8.8), 2026-06-04
- CVE-2026-10925 (8.3), 2026-06-04
- CVE-2026-10907 (8.8), 2026-06-04
- CVE-2026-10897 (8.8), 2026-06-04
- CVE-2026-10892 (9.6), 2026-06-04
- CVE-2026-10883 (8.8), 2026-06-04
- CVE-2026-10881 (9.6), 2026-06-04
- CVE-2026-5066 (6.3), 2026-06-04