threat
engine
.sh
Back
·
··:··
Home
/
CWE
/
Out-of-bounds Read
Weakness
Out-of-bounds Read
CWE-125 · Base · Draft
The product reads data past the end, or before the beginning, of the intended buffer.
△
Weakness Relationships
Where this weakness sits in the CWE hierarchy. Walk up to broader classes or down to more specific variants.
Parent of this (broader)
ChildOf
CWE-119 · Improper Restriction of Operations within the Bounds of a Memory Buffer
Children (more specific)
ParentOf
CWE-126 · Buffer Over-read
ParentOf
CWE-127 · Buffer Under-read
◆
Attack Patterns (CAPEC)
1
How adversaries exploit this weakness, per MITRE CAPEC.
CAPEC-540
Overread Buffers
⚠
CVEs With This Weakness
10,103
A sample of the 10,103 CVEs tagged with this weakness.
CVE
CVE-2026-8686
CVE
CVE-2026-8578
CVE
CVE-2026-8546
CVE
CVE-2026-8543
CVE
CVE-2026-8541
CVE
CVE-2026-8535
CVE
CVE-2026-8186
CVE
CVE-2026-8177
CVE
CVE-2026-8092
CVE
CVE-2026-8088
CVE
CVE-2026-8084
CVE
CVE-2026-7995
◉
Nuclei Scanner Templates
4
Open-source Nuclei templates that detect this weakness class - an actionable scan-for-it pivot. Licensed under the ProjectDiscovery / Nuclei terms.
critical
NTPsec > 1.1.3 - 'ctl_getitem' Out-of-Bounds Read
critical
Citrix Netscaler ADC & Gateway - Out-Of-Bounds Memory Read
high
ProFTPD < 1.3.8a - DoS via Out-of-Bounds Read
high
Pure-FTPd < 1.0.52 - Buffer Overflow
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin