Base · Draft

CWE-681: Incorrect Conversion between Numeric Types

Category: other

Description

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

Common consequences · 1

  • Other / Integrity — Unexpected State, Quality Degradation
    The program could wind up using the wrong number and generate incorrect results. If the number is used to allocate resources or make a security decision, then this could introduce a vulnerability.

Potential mitigations · 1

  • [Implementation] Avoid making conversions between numeric types. Always check for the allowed ranges.
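An added C example (not part of the CWE entry) of the range check this mitigation calls for, shown beside the unchecked narrowing it replaces. The function names and sample values are illustrative assumptions.

```c
#include <stdint.h>
#include <stdbool.h>
#include <limits.h>
#include <stdio.h>

/* Unchecked: a 64-bit length narrowed to 16 bits keeps only the low
 * 16 bits (conversion to an unsigned type is modulo 2^16). */
uint16_t narrow_unchecked(int64_t len)
{
    return (uint16_t)len;
}

/* Checked: refuse any value outside the destination type's range. */
bool narrow_to_u16(int64_t len, uint16_t *out)
{
    if (len < 0 || len > UINT16_MAX)
        return false;
    *out = (uint16_t)len;
    return true;
}

/* Checked long long -> int, the "long to integer" case in the description. */
bool narrow_to_int(long long v, int *out)
{
    if (v < INT_MIN || v > INT_MAX)
        return false;
    *out = (int)v;
    return true;
}

/* Checked double -> int. Casting an out-of-range or NaN double to int is
 * undefined behaviour, so test first; the negated form also rejects NaN. */
bool double_to_int(double d, int *out)
{
    if (!(d >= (double)INT_MIN && d <= (double)INT_MAX))
        return false;
    *out = (int)d;               /* in range: truncates toward zero */
    return true;
}

int main(void)
{
    int64_t claimed = 65552;     /* constructed sample: 65536 + 16 */
    uint16_t n = 0;
    printf("unchecked: %u\n", (unsigned)narrow_unchecked(claimed));
    printf("checked accepted: %d\n", narrow_to_u16(claimed, &n));
    return 0;
}
```

A buffer sized from the unchecked result would be 16 bytes for a value that claims 65552, which is the resource-allocation consequence described above.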

References

  1. https://cwe.mitre.org/data/definitions/681.html

(incoming) · 5

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-53733 (cve-2025-53733) | 0% | live |
| Vulnerability | CVE-2026-21688 (cve-2026-21688) | 0% | live |
| Vulnerability | CVE-2026-21693 (cve-2026-21693) | 0% | live |
| Vulnerability | CVE-2026-26178 (cve-2026-26178) | 0% | live |
| Vulnerability | CVE-2026-4931 (cve-2026-4931) | 0% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Signed to Unsigned Conversion Error
  • CWE: Integer Coercion Error
  • CWE: Incorrect Bitwise Shift of Integer
  • CWE: Function Call With Incorrect Argument Type
  • CWE: Numeric Truncation Error
  • CWE: Unsigned to Signed Conversion Error

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.