CWE · MITRE source
CWE-126Buffer Over-read
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
Last updated: 19 May 2026 20:20 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2017-7668 UPD | 5.3 | 7.5 | 0.6278 | 2017-06-20 |
CVE-2017-7679 UPD | 3.8 | 9.8 | 0.3006 | 2017-06-20 |
CVE-2024-26160 | 3.4 | 5.5 | 0.3812 | 2024-03-12 |
CVE-2025-21277 | 3.3 | 7.5 | 0.3033 | 2025-01-14 |
CVE-2024-38071 | 3.1 | 7.5 | 0.2707 | 2024-07-09 |
CVE-2023-21811 | 2.5 | 7.5 | 0.1705 | 2023-02-14 |
CVE-2023-21813 | 2.3 | 7.5 | 0.1372 | 2023-02-14 |
CVE-2023-24858 | 2.3 | 7.5 | 0.1251 | 2023-03-14 |
CVE-2023-24942 | 2.3 | 7.5 | 0.1372 | 2023-05-09 |
CVE-2023-49285 | 2.3 | 8.6 | 0.0962 | 2023-12-04 |
CVE-2018-14790 | 2.2 | 9.8 | 0.0330 | 2018-10-01 |
CVE-2023-36397 | 2.2 | 9.8 | 0.0323 | 2023-11-14 |
CVE-2023-24857 | 2.1 | 6.5 | 0.1311 | 2023-03-14 |
CVE-2023-24883 | 2.1 | 6.5 | 0.1263 | 2023-04-11 |
CVE-2024-38265 | 2.1 | 8.8 | 0.0551 | 2024-10-08 |
CVE-2019-3563 | 2.0 | 9.8 | 0.0043 | 2019-04-29 |
CVE-2024-20290 | 2.0 | 7.5 | 0.0859 | 2024-02-07 |
CVE-2024-38373 | 2.0 | 9.6 | 0.0065 | 2024-06-24 |
CVE-2024-38127 | 2.0 | 7.8 | 0.0808 | 2024-08-13 |
CVE-2024-43475 | 2.0 | 7.3 | 0.0873 | 2024-09-10 |
CVE-2017-17772 | 2.0 | 9.8 | 0.0021 | 2024-11-26 |
CVE-2026-41898 | 2.0 | 9.8 | 0.0006 | 2026-04-24 |
CVE-2019-11036 | 1.9 | 9.1 | 0.0169 | 2019-05-03 |
CVE-2021-34584 | 1.9 | 9.1 | 0.0061 | 2021-10-26 |
CVE-2023-21701 | 1.9 | 7.5 | 0.0626 | 2023-02-14 |