Cyber Resilience

CWE · MITRE source

CWE-193Off-by-one Error

Abstraction: Base · CVEs in our corpus: 207

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

Last updated: 04 July 2026 00:28 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: partial · 5 mapping(s) from 1 framework(s): ATT&CK 5 (partial)

See the full cumulative-coverage rollup →

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

MITRE ATT&CK techniques this weakness enables

Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.

Direction: other covers this; this covers other (F/M/P = full / mostly / partial).

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2021-3156 KEV10.07.80.99292021-01-26
CVE-2003-04668.09.80.78122003-08-27
CVE-2021-230178.07.70.52842021-06-01
CVE-2023-287098.07.50.51552023-05-22
CVE-2023-444448.07.80.56402024-05-03
CVE-2001-06097.09.80.18242001-08-02
CVE-2001-14967.09.80.04842001-12-31
CVE-2002-00837.09.80.14802002-03-15
CVE-2002-18167.09.80.08952002-12-31
CVE-2003-03567.09.80.09572003-06-09
CVE-2003-02527.09.80.15782003-08-18
CVE-2004-00057.09.80.11212004-03-03
CVE-2016-101607.09.80.07322017-01-24
CVE-2018-88287.09.80.31342018-03-20
CVE-2018-145997.09.80.04802018-08-24
CVE-2019-82687.09.80.03922019-03-08
CVE-2019-82727.09.80.03922019-03-08
CVE-2019-145327.09.80.02102019-08-02
CVE-2020-68357.09.80.02022020-01-10
CVE-2020-84437.09.80.02682020-01-30
CVE-2020-100627.09.00.02882020-06-05
CVE-2020-145107.09.80.02492020-08-25
CVE-2021-318757.09.80.02172021-04-29
CVE-2022-249887.09.80.01052022-02-14
CVE-2021-40707.09.10.00842022-02-23