CWE-121Stack-based Buffer Overflow

Abstraction: Variant · CVEs in our corpus: 3,203

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Last updated: 09 May 2026 03:25 UTC

NIST 800-53 r5 controls that address this weakness (0)AI

Control	Title	Family	Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE	Risk	CVSS	EPSS	Published
`CVE-2021-20038` KEV	9.6	9.8	0.9429	2021-12-08
`CVE-2009-0927` KEV	9.4	8.8	0.9331	2009-03-19
`CVE-2022-20699` KEV	9.4	10.0	0.9002	2022-02-10
`CVE-2025-0282` KEV	9.4	9.0	0.9413	2025-01-08
`CVE-2008-0015` KEV	8.7	8.8	0.8158	2009-07-07
`CVE-2016-6563`	7.1	9.8	0.8489	2018-07-13
`CVE-2020-5735` KEV	7.0	8.8	0.5352	2020-04-08
`CVE-2025-22457` KEV	7.0	9.0	0.5366	2025-04-03
`CVE-2022-20707`	6.9	10.0	0.8140	2022-02-10
`CVE-2021-33549`	6.8	7.2	0.8873	2021-09-13
`CVE-2022-20705`	6.8	10.0	0.8021	2022-02-10
`CVE-2018-10594`	6.7	9.8	0.7824	2018-06-26
`CVE-2025-32756` KEV	6.5	9.8	0.4163	2025-05-13
`CVE-2018-5002` KEV	6.4	7.8	0.4714	2018-07-09
`CVE-2024-26304`	6.4	9.8	0.7324	2024-05-01
`CVE-2017-13089`	6.3	8.8	0.7577	2017-10-27
`CVE-2024-27130`	6.3	7.2	0.8100	2024-05-21
`CVE-2012-10023`	6.2	9.8	0.7059	2025-08-05
`CVE-2012-10060`	6.1	9.8	0.6906	2025-08-13
`CVE-2010-20121`	6.1	9.8	0.6864	2025-08-21
`CVE-2019-5619`	5.9	9.8	0.6586	2020-04-29
`CVE-2019-7482`	5.8	9.8	0.6458	2019-12-19
`CVE-2020-10924`	5.8	8.8	0.6677	2020-07-28
`CVE-2021-42756`	5.8	9.8	0.6422	2023-02-16
`CVE-2010-20113`	5.7	9.8	0.6271	2025-08-21