Cyber Posture

CWE · MITRE source

CWE-191Integer Underflow (Wrap or Wraparound)

Abstraction: Base · CVEs in our corpus: 440

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

This can happen in signed and unsigned cases.

Last updated: 20 May 2026 08:06 UTC

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2014-0497 KEV UPD9.59.80.93162014-02-05
CVE-2021-31956 KEV9.07.80.90722021-06-08
CVE-2024-380637.39.80.89412024-08-13
CVE-2020-362285.97.50.73492021-01-26
CVE-2020-362214.97.50.57472021-01-26
CVE-2023-311024.67.80.50712023-11-03
CVE-2024-114774.27.80.43642024-11-22
CVE-2004-01843.90.00.65312004-05-04
CVE-2022-0185 KEV3.88.40.01902022-02-11
CVE-2020-12393.78.80.32982020-06-09
CVE-2021-311783.65.50.41852021-05-11
CVE-2005-01993.29.80.20152005-05-02
CVE-2020-14003.27.80.26662020-07-14
CVE-2023-215273.27.50.28212023-01-10
CVE-2025-299123.29.80.21112025-03-17
CVE-2025-299092.99.80.15952025-03-17
CVE-2023-217082.89.80.13932023-03-14
CVE-2023-216842.78.80.15062023-02-14
CVE-2009-33012.60.00.42762010-02-16
CVE-2015-5212 UPD2.60.00.43032015-11-10
CVE-2018-201802.69.80.09902019-03-15
CVE-2018-201812.69.80.09902019-03-15
CVE-2020-159002.69.80.10992020-07-28
CVE-2016-10166 UPD2.59.80.08332017-03-15
CVE-2017-144962.57.50.16882017-10-03