CWE-682Incorrect Calculation

Abstraction: Pillar · CVEs in our corpus: 122

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

When product performs a security-critical calculation incorrectly, it might lead to incorrect resource allocations, incorrect privilege assignments, or failed comparisons among other things. Many of the direct results of an incorrect calculation can lead to even larger problems such as failed protection mechanisms or even arbitrary code execution.

Last updated: 09 May 2026 03:25 UTC

NIST 800-53 r5 controls that address this weakness (0)AI

Control	Title	Family	Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE	Risk	CVSS	EPSS	Published
`CVE-2022-30780`	6.3	7.5	0.7928	2022-06-11
`CVE-2018-8319`	2.8	9.8	0.1482	2018-07-11
`CVE-2022-30600`	2.4	9.8	0.0685	2022-05-18
`CVE-2020-0022`	2.2	8.8	0.0695	2020-02-13
`CVE-2021-44847`	2.2	9.8	0.0395	2021-12-13
`CVE-2022-35258`	2.1	7.5	0.0964	2022-12-05
`CVE-2023-35641`	2.1	8.8	0.0522	2023-12-12
`CVE-2020-0221`	2.0	9.8	0.0015	2020-05-14
`CVE-2023-2163`	2.0	10.0	0.0017	2023-09-20
`CVE-2024-36736`	2.0	9.8	0.0010	2024-06-06
`CVE-2026-1229`	2.0	9.8	0.0002	2026-02-24
`CVE-2022-23066`	1.9	9.1	0.0095	2022-05-09
`CVE-2017-8326`	1.8	8.8	0.0089	2017-04-29
`CVE-2017-8905`	1.8	8.8	0.0009	2017-05-11
`CVE-2017-12134`	1.8	8.8	0.0034	2017-08-24
`CVE-2017-12135`	1.8	8.8	0.0007	2017-08-24
`CVE-2017-13151`	1.8	8.8	0.0046	2017-12-06
`CVE-2019-16346`	1.8	8.8	0.0041	2019-09-16
`CVE-2019-16347`	1.8	8.8	0.0044	2019-09-16
`CVE-2019-5853`	1.8	8.8	0.0036	2019-11-25
`CVE-2019-19578`	1.8	8.8	0.0013	2019-12-11
`CVE-2021-45960`	1.8	8.8	0.0027	2022-01-01
`CVE-2022-28048`	1.8	8.8	0.0015	2022-04-15
`CVE-2024-23981`	1.8	8.8	0.0019	2024-08-14
`CVE-2023-2423`	1.7	8.6	0.0006	2023-08-08