Cyber Posture

CWE · MITRE source

CWE-197Numeric Truncation Error

Abstraction: Base · CVEs in our corpus: 40

Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion.

When a primitive is cast to a smaller primitive, the high order bits of the large value are lost in the conversion, potentially resulting in an unexpected value that is not equal to the original value. This value may be required as an index into a buffer, a loop iterator, or simply necessary state data. In any case, the value cannot be trusted and the system will be in an undefined state. While this method may be employed viably to isolate the low bits of a value, this usage is rare, and truncation usually implies that an implementation error has occurred.

Last updated: 09 May 2026 03:25 UTC

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2022-42475 KEV9.69.80.93982023-01-02
CVE-2024-290504.08.40.38302024-04-09
CVE-2024-490182.48.80.10002024-11-12
CVE-2024-435192.28.80.07102024-10-08
CVE-2024-381252.17.80.09432024-08-13
CVE-2024-436392.19.80.02852024-11-12
CVE-2024-300092.08.80.04782024-05-14
CVE-2025-69652.09.80.01022025-07-15
CVE-2024-213521.98.80.02272024-02-13
CVE-2024-213911.98.80.02272024-02-13
CVE-2024-289441.98.80.02622024-04-09
CVE-2020-152021.89.00.00502020-09-25
CVE-2024-213101.87.80.03792024-01-09
CVE-2024-214401.88.80.01432024-03-12
CVE-2024-214511.88.80.01062024-03-12
CVE-2023-321431.88.80.00142024-05-03
CVE-2024-380441.77.20.04762024-07-09
CVE-2022-346701.67.80.00092022-12-30
CVE-2023-353281.67.80.00142023-07-11
CVE-2023-367101.67.80.00232023-10-10
CVE-2024-214341.67.80.00422024-03-12
CVE-2024-300141.67.50.01762024-05-14
CVE-2024-300151.67.50.01762024-05-14
CVE-2024-300221.67.50.01782024-05-14
CVE-2024-300231.67.50.01782024-05-14