CWE · MITRE source
CWE-129Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2023-40477 | 7.1 | 7.8 | 0.9261 | 2024-05-03 |
CVE-2022-35737 | 4.6 | 7.5 | 0.5194 | 2022-08-03 |
CVE-2022-48503 KEV | 3.8 | 8.8 | 0.0015 | 2023-08-14 |
CVE-2021-35594 | 3.6 | 6.3 | 0.3934 | 2021-10-20 |
CVE-2021-35598 | 3.6 | 6.3 | 0.3934 | 2021-10-20 |
CVE-2017-8797 | 3.3 | 7.5 | 0.3042 | 2017-07-02 |
CVE-2021-35592 | 3.0 | 6.3 | 0.2863 | 2021-10-20 |
CVE-2020-11881 | 2.8 | 7.5 | 0.2117 | 2020-09-14 |
CVE-2020-10071 | 2.6 | 9.0 | 0.1390 | 2020-06-05 |
CVE-2016-9053 | 2.3 | 9.8 | 0.0543 | 2017-02-21 |
CVE-2017-16391 | 2.3 | 8.8 | 0.0867 | 2017-12-09 |
CVE-2023-0755 | 2.3 | 9.8 | 0.0582 | 2023-02-23 |
CVE-2017-16410 | 2.2 | 8.8 | 0.0659 | 2017-12-09 |
CVE-2018-12018 | 2.2 | 7.5 | 0.1217 | 2018-07-05 |
CVE-2019-0906 | 2.1 | 7.8 | 0.0966 | 2019-06-12 |
CVE-2019-17212 | 2.1 | 9.8 | 0.0179 | 2019-11-05 |
CVE-2020-27483 | 2.1 | 9.9 | 0.0231 | 2020-11-16 |
CVE-2020-35628 | 2.1 | 9.8 | 0.0242 | 2021-03-04 |
CVE-2021-38654 | 2.1 | 7.8 | 0.0819 | 2021-09-15 |
CVE-2016-10386 | 2.0 | 9.8 | 0.0029 | 2017-08-18 |
CVE-2014-10048 | 2.0 | 9.8 | 0.0021 | 2018-04-18 |
CVE-2014-9989 | 2.0 | 9.8 | 0.0021 | 2018-04-18 |
CVE-2014-9990 | 2.0 | 9.8 | 0.0021 | 2018-04-18 |
CVE-2016-10454 | 2.0 | 9.8 | 0.0021 | 2018-04-18 |
CVE-2019-15784 | 2.0 | 9.8 | 0.0043 | 2019-08-29 |