The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

What CVEs are caused by CWE-682?

55 recorded CVEs are attributed to CWE-682, including CVE-2023-2163, CVE-2024-36736, CVE-2026-44498.

How do you prevent CWE-682?

Understand your programming language's underlying representation and how it interacts with numeric calculation. Pay close attention to byte size discrepancies, precision, signed/unsigned distinctions, truncation, conversion and casting between types, "not-a-number" calculations, and how your language handles numbers that are too large or too small for its underlying representation.

How is CWE-682 detected?

Manual Analysis: This weakness can be detected using tools and techniques that require manual (human) analysis, such as penetration testing, threat modeling, and interactive tools that allow the tester to record and modify an active session.

What are the consequences of CWE-682?

Exploiting CWE-682 can lead to: DoS: Crash, Exit, or Restart, DoS: Resource Consumption (Other), Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Bypass Protection Mechanism.

Is CWE-682 actively exploited?

55 recorded CVEs are caused by CWE-682; none are currently in CISA's KEV catalog of actively exploited flaws.

CWE-682: Incorrect Calculation

Real-world CVEs

55 recorded CVEs are caused by CWE-682 (Incorrect Calculation). The highest-severity and most recent are shown first. 8 new CWE-682 CVEs have been recorded so far in 2026 (8 in 2025).

Showing 12 of 55 recorded CWE-682 CVEs. Track new ones as they are published and get AI-written analysis and fixes.

Monitor CWE-682 vulnerabilities

CWE-682: Incorrect Calculation

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

The following image processing code allocates a table for images.

Vulnerable example

img_t table_ptr; /*struct containing img data, 10kB each*/

This code intends to allocate a table of size num_imgs, however as num_imgs grows large, the calculation determining the size of the list will eventually overflow (CWE-190). This will result in a very small list to be allocated instead. If the subsequent code operates on the list as if it were num_imgs long, it may result in many types of out-of-bounds problems (CWE-119).

This code attempts to calculate a football team's average number of yards gained per touchdown.

The code does not consider the event that the team they are querying has not scored a touchdown, but has gained yardage. In that case, we should expect an ArithmeticException to be thrown by the JVM. This could lead to a loss of availability if our error handling code is not set up correctly.

This example attempts to calculate the position of the second byte of a pointer.

Vulnerable example

int *p = x;

In this example, second_char is intended to point to the second byte of p. But, adding 1 to p actually adds sizeof(int) to p, giving a result that is incorrect (3 bytes off on 32-bit platforms). If the resulting memory address is read, this could potentially be an information leak. If it is a write, it could be a security-critical write to unauthorized memory-- whether or not it is a buffer overflow. Note that the above code may also be wrong in other ways, particularly in a little endian environment.

Real-world CVEs

CWE-682: Incorrect Calculation

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

How to detect it

Manual Analysis

Automated Static Analysis

Fuzzing

Code examples

Illustrative examples

Terminology & mappings

Mapped taxonomies

Attack patterns

Frequently asked questions

What is CWE-682?

What CVEs are caused by CWE-682?

How do you prevent CWE-682?

How is CWE-682 detected?

What are the consequences of CWE-682?

Is CWE-682 actively exploited?

References

Stay ahead of CWE-682

Real-world CVEs

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

How to detect it

Manual Analysis

Automated Static Analysis

Fuzzing

Code examples

Illustrative examples

Related weaknesses

Child

Can precede

Related

Terminology & mappings

Mapped taxonomies

Attack patterns

Frequently asked questions

What is CWE-682?

What CVEs are caused by CWE-682?

How do you prevent CWE-682?

How is CWE-682 detected?

What are the consequences of CWE-682?

Is CWE-682 actively exploited?

References

Stay ahead of CWE-682