Common Weakness Enumeration: the root causes behind CVEs
CWE catalogs the root causes behind CVEs: SQL injection, XSS, broken authentication and hundreds of other weakness classes that keep showing up in security advisories. Each entry here covers how the weakness arises, what it costs when someone exploits it, and the fix that actually closes it.
Misinterpretation of Input
Misinterpretation of input occurs when software processes user-supplied or external data in a way that differs from the developer's intent, leading to a…
Improper Encoding or Escaping of Output
This weakness occurs when an application fails to properly encode or escape data before sending it to another component—such as a web browser, database, or…
Improper Output Neutralization for Logs
Log injection occurs when user-controlled data is written directly to application logs without sanitization, allowing an attacker to forge log entries or…
Improper Restriction of Operations within the Bounds of a Memory Buffer
This weakness occurs when software reads from or writes to memory locations outside the boundaries of an allocated buffer. An attacker who can control the data…
Buffer Copy without Checking Size of Input
This weakness occurs when a program copies data from one buffer to another without first checking whether the source data will fit in the destination. If the…
Stack-based Buffer Overflow
A stack-based buffer overflow occurs when a program writes more data into a buffer than it can hold, and that buffer is stored on the stack. Because the stack…
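The two entries above (unchecked copy, stack overflow) in working code, as an added example that is not part of the original page: a fixed-size stack buffer filled from untrusted input, first the way the weakness describes it, then with the size check that closes it. The 16-byte field, the function names and the sample names are assumptions made for the illustration.

```c
/* Added example, not from the page: a fixed-size stack buffer filled from
 * untrusted input, first unchecked, then with the check that closes the
 * weakness.  The 16-byte field and the sample names are assumptions. */
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16

/* Vulnerable: strcpy stops at the source's NUL terminator, never at the
 * destination's size.  With a 16-byte destination on the stack, any name of
 * 16 bytes or more overwrites whatever the compiler placed after it: other
 * locals, saved registers, or the return address.  Shown for comparison
 * only; it is never called with long input here. */
void copy_name_unchecked(char dst[NAME_LEN], const char *src)
{
    strcpy(dst, src);
}

/* Hardened: the caller states the destination size, the copy refuses input
 * that does not fit together with its terminator, and dst is always left
 * NUL-terminated.  Returns 0 on success, -1 if src is too long.  strncpy is
 * not a fix on its own: it does not terminate a truncated copy. */
int copy_name_checked(char *dst, size_t dst_size, const char *src)
{
    size_t n = 0;
    /* Measure src without scanning further than dst could ever hold. */
    while (n < dst_size && src[n] != '\0')
        n++;
    if (n >= dst_size)            /* n == dst_size leaves no room for the NUL */
        return -1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return 0;
}

int main(void)
{
    char name[NAME_LEN];
    const char *short_name = "alice";                            /* constructed */
    const char *long_name  = "a-name-that-is-far-too-long-for-sixteen-bytes";

    if (copy_name_checked(name, sizeof name, short_name) == 0)
        printf("copied: %s\n", name);
    if (copy_name_checked(name, sizeof name, long_name) != 0)
        printf("rejected: %zu bytes do not fit in %zu\n",
               strlen(long_name), sizeof name);
    return 0;
}
```

The check is deliberately "length plus terminator against destination size" rather than a call to strncpy or strlcpy: the former silently drops the terminator, and the latter is not available everywhere. Either way, the destination size has to be passed explicitly; a copy routine that cannot see it cannot enforce it.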
Heap-based Buffer Overflow
A heap-based buffer overflow occurs when a program writes more data to a dynamically allocated memory buffer than it can hold, overwriting adjacent heap…
Write-what-Where Condition
A write-what-where condition occurs when an attacker can control both where data is written in memory and what data is written there. This is one of the most…
Out-of-bounds Read
An out-of-bounds read occurs when a program accesses memory outside the allocated boundaries of a buffer or array. This can expose sensitive data stored in…
Improper Validation of Array Index
This weakness occurs when a program uses user-supplied input as an array index without checking whether that index is within the valid range of the array. An…
Incorrect Calculation of Buffer Size
This weakness occurs when code allocates a buffer but miscalculates its required size, resulting in a buffer that is too small for the data it will hold. An…
Use of Externally-Controlled Format String
A format string vulnerability occurs when user-supplied input is passed directly as a format string to functions like printf, sprintf, or similar formatting…
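The difference between "input as the format" and "input as an argument", as an added example that is not part of the original page. The logging wrapper, the function names and the sample input are constructed for the illustration; the input uses "%%" because that is the one directive whose behaviour is fully defined without a matching argument, so the two paths can be compared without invoking the undefined behaviour a real "%x" or "%n" would.

```c
/* Added example, not from the page: the same untrusted string handed to a
 * printf-style wrapper as the format versus as an argument. */
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* A typical logging wrapper.  The weakness is in how it is called, not here;
 * wrappers like this are also where the compiler's format checker loses
 * track of the call, which is why review has to look for it by hand. */
static int format_into(char *out, size_t out_size, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, out_size, fmt, ap);
    va_end(ap);
    return n;
}

/* Vulnerable: untrusted text is the format string, so every '%' in it is
 * parsed as a directive.  "%x" would read stack or register contents and
 * "%n" would write a count to an address taken from the argument area. */
int render_vulnerable(char *out, size_t out_size, const char *untrusted)
{
    return format_into(out, out_size, untrusted);
}

/* Hardened: a constant format with the untrusted text as the argument.
 * The text is copied verbatim; its '%' characters carry no meaning. */
int render_safe(char *out, size_t out_size, const char *untrusted)
{
    return format_into(out, out_size, "%s", untrusted);
}

/* A '%' in data that is about to reach a format parameter is what to look
 * for in code review, in log inspection, and in a fuzzer's dictionary. */
int contains_directive(const char *s)
{
    return strchr(s, '%') != NULL;
}

int main(void)
{
    char out[64];
    const char *progress = "100%% done";   /* constructed attacker-controlled text */

    render_vulnerable(out, sizeof out, progress);
    printf("as format:   \"%s\"\n", out);   /* 100% done: the text was interpreted */
    render_safe(out, sizeof out, progress);
    printf("as argument: \"%s\"\n", out);   /* 100%% done: the text was copied */
    return 0;
}
```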
Improper Neutralization of Special Elements
This weakness occurs when software fails to properly handle special characters or reserved words before passing data to another system or component. When…
Improper Neutralization of Delimiters
This weakness occurs when software fails to properly handle or escape delimiter characters such as quotes, commas, newlines, or pipes that are used to…
Improper Neutralization of Escape, Meta, or Control Sequences
This weakness occurs when software fails to properly handle or remove escape sequences, meta-characters, and control characters before passing data to another…
Improper Neutralization of Null Byte or NUL Character
This weakness occurs when software fails to remove or properly handle null bytes (\0) in user input. Because many C-based file and string functions treat the…
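The length-aware check versus the NUL-terminated use, as an added example that is not part of the original page: a filename is validated on its declared length (as a web framework or binary protocol parser sees it) and then handed to an API that stops at the first NUL. The ".txt" rule, the function names and the request bytes are constructed for the illustration; the stand-in for fopen() copies the C-string view into a buffer so it can be inspected instead of touching the filesystem.

```c
/* Added example, not from the page: an extension check on the declared
 * length, followed by use through a NUL-terminated API. */
#include <stdio.h>
#include <string.h>

#define ALLOWED_EXT ".txt"

/* The check, done on the declared length: does the name end in ".txt"? */
int ext_allowed(const char *name, size_t len)
{
    size_t e = strlen(ALLOWED_EXT);
    return len >= e && memcmp(name + len - e, ALLOWED_EXT, e) == 0;
}

/* Stand-in for fopen()/open(): a C string API sees only the bytes before
 * the first NUL.  Copies that view into 'opened' so it can be inspected. */
static void open_as_c_string(const char *name, char *opened, size_t opened_size)
{
    snprintf(opened, opened_size, "%s", name);   /* stops at the embedded NUL */
}

/* Vulnerable: validates the full length, then uses the C-string view.
 * Returns 1 if the file would be opened, 0 if the request is rejected. */
int open_vulnerable(const char *name, size_t len, char *opened, size_t opened_size)
{
    if (!ext_allowed(name, len))
        return 0;
    open_as_c_string(name, opened, opened_size);
    return 1;
}

/* Hardened: an embedded NUL means the validated bytes and the used bytes
 * differ, so reject before any other check runs. */
int open_hardened(const char *name, size_t len, char *opened, size_t opened_size)
{
    if (memchr(name, '\0', len) != NULL)   /* NUL inside the data: reject */
        return 0;
    if (!ext_allowed(name, len))
        return 0;
    open_as_c_string(name, opened, opened_size);
    return 1;
}

int main(void)
{
    /* Constructed request: "evil.php", a NUL byte, then ".txt" (13 bytes). */
    static const char req[] = "evil.php\0.txt";
    size_t len = sizeof req - 1;
    char opened[32];

    if (open_vulnerable(req, len, opened, sizeof opened))
        printf("vulnerable path opened: %s\n", opened);   /* evil.php */
    if (!open_hardened(req, len, opened, sizeof opened))
        printf("hardened path rejected the request\n");
    return 0;
}
```

The same split shows up wherever a length-carrying type (a Java or Python string, a protocol field, a multipart form value) is converted to a C string at an API boundary; the NUL check belongs at that boundary, before any rule that reasons about the string's content.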
Improper Neutralization of Leading Special Elements
This weakness occurs when software fails to properly handle special characters or sequences at the start of user input, allowing an attacker to prepend data…
Improper Handling of Missing Special Elements
This weakness occurs when software expects certain special characters or delimiters like quotes, brackets, newlines, or terminators in input but fails to…
Improper Handling of Additional Special Elements
This weakness occurs when software fails to properly account for unexpected special characters or elements in input data, leading to parsing errors or…
Improper Null Termination
Improper null termination occurs when a string is not correctly terminated with a null character or equivalent terminator, causing the software to read beyond…
Encoding Error
An encoding error occurs when software fails to properly convert data between different character sets, formats, or representations. This mismatch can cause…
Improper Handling of Case Sensitivity
This weakness occurs when software compares or validates user input without properly accounting for case differences (uppercase vs. lowercase). An attacker can…
Incorrect Behavior Order: Early Validation
This weakness occurs when software validates user input at one point, but later processing steps modify or reinterpret that input in ways that bypass the…
Incorrect Behavior Order: Validate Before Canonicalize
This weakness occurs when software validates user input before converting it to its canonical (standard) form. An attacker can craft input using alternate…
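The ordering problem behind the two entries above (early validation, validate before canonicalize) in working code, as an added example that is not part of the original page: a path rule applied to the raw request and then the request is percent-decoded for use, beside the same rule applied after decoding. The decoder, the ".." rule, the round limit and the sample paths are constructed for the illustration.

```c
/* Added example, not from the page: a path filter applied before versus
 * after percent-decoding. */
#include <stdio.h>
#include <string.h>

#define MAX_DECODE_ROUNDS 4

static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* One round of %XX decoding; malformed escapes are copied through. */
size_t percent_decode(const char *in, char *out, size_t out_size)
{
    size_t o = 0;
    for (size_t i = 0; in[i] != '\0' && o + 1 < out_size; i++) {
        int h, l;
        if (in[i] == '%' && (h = hexval(in[i + 1])) >= 0
                         && (l = hexval(in[i + 2])) >= 0) {
            out[o++] = (char)(h * 16 + l);
            i += 2;
        } else {
            out[o++] = in[i];
        }
    }
    out[o] = '\0';
    return o;
}

/* The validation rule: no parent-directory step, no absolute path. */
int looks_safe(const char *path)
{
    return path[0] != '/' && strstr(path, "..") == NULL;
}

/* Wrong order: the raw request is validated, then decoded for use, so the
 * bytes that were checked are not the bytes that reach the filesystem. */
int accept_wrong_order(const char *raw, char *resolved, size_t resolved_size)
{
    if (!looks_safe(raw))
        return 0;
    percent_decode(raw, resolved, resolved_size);
    return 1;
}

/* Right order: canonicalize first, and keep decoding until the string stops
 * changing so that a doubly encoded "%252e" cannot hide a second layer; then
 * validate exactly what will be used.  Input still changing after
 * MAX_DECODE_ROUNDS is rejected rather than guessed at. */
int accept_right_order(const char *raw, char *resolved, size_t resolved_size)
{
    char tmp[256];
    int rounds = 0;

    snprintf(resolved, resolved_size, "%s", raw);
    for (;;) {
        percent_decode(resolved, tmp, sizeof tmp);
        if (strcmp(tmp, resolved) == 0)
            break;                               /* stable: this is canonical */
        if (++rounds > MAX_DECODE_ROUNDS)
            return 0;
        snprintf(resolved, resolved_size, "%s", tmp);
    }
    return looks_safe(resolved);
}

int main(void)
{
    const char *attack = "%2e%2e/%2e%2e/etc/passwd";   /* constructed input */
    char resolved[256];

    if (accept_wrong_order(attack, resolved, sizeof resolved))
        printf("wrong order accepted, would use: %s\n", resolved);
    if (!accept_right_order(attack, resolved, sizeof resolved))
        printf("right order rejected: %s\n", resolved);
    return 0;
}
```

Decoding until the value is stable is the right choice when the only question is what the input could turn into downstream; it is the wrong choice for data that legitimately contains a literal percent sign and must be decoded exactly once, and in that case the decision belongs to the layer that performs that single decode.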
Incorrect Behavior Order: Validate Before Filter
This weakness occurs when a program validates user input before sanitizing or filtering it, rather than the other way around. If the sanitization step…
Collapse of Data into Unsafe Value
This weakness occurs when input filtering or transformation logic unintentionally converts multiple different inputs into a single output value, and that…
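The classic instance of this collapse, as an added example that is not part of the original page: a filter that deletes "../" in a single pass turns an input that does not contain a complete traversal step at the position it removed into one that does. The filter, the rejecting alternative and the sample input are constructed for the illustration.

```c
/* Added example, not from the page: a single-pass "remove ../" filter that
 * manufactures the value it was meant to remove, beside a rejecting check. */
#include <stdio.h>
#include <string.h>

/* Vulnerable filter: deletes every "../" it finds in one left-to-right pass
 * and returns the result as safe.  Deleting the middle of "....//" joins
 * the surviving characters into a fresh "../". */
size_t strip_dotdot_once(const char *in, char *out, size_t out_size)
{
    size_t o = 0;
    for (size_t i = 0; in[i] != '\0' && o + 1 < out_size; ) {
        if (strncmp(in + i, "../", 3) == 0) {
            i += 3;                  /* drop the step */
        } else {
            out[o++] = in[i++];
        }
    }
    out[o] = '\0';
    return o;
}

/* Hardened: do not repair, reject.  A value that contains the pattern
 * anywhere is refused outright, so no later transformation can assemble it.
 * Repeating the strip until the output stops changing is the other standard
 * fix; rejection is simpler to get right and leaves an audit trail. */
int contains_dotdot_step(const char *s)
{
    return strstr(s, "../") != NULL || strstr(s, "..\\") != NULL;
}

int main(void)
{
    const char *input = "....//etc/passwd";   /* constructed input */
    char out[64];

    strip_dotdot_once(input, out, sizeof out);
    printf("filtered: %s\n", out);                            /* ../etc/passwd */
    printf("rejected: %d\n", contains_dotdot_step(input));    /* 1 */
    return 0;
}
```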
Permissive List of Allowed Inputs
This weakness occurs when a developer creates an allowlist (a set of "approved" inputs) to protect against malicious data, but the allowlist is too broad or…
Incomplete Blocklist
An incomplete blocklist is a security control that attempts to block dangerous or unwanted values, but fails to account for all variants or bypass techniques…
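A blocklist failing in the two ways it usually fails, as an added example that is not part of the original page: the list is case-sensitive (the case-sensitivity entry above) and it names a few tags while HTML offers many more. Beside it is the fix that makes the list unnecessary, output encoding for the HTML context (the output-encoding entry near the top of this page). The list entries, the function names and the payloads are constructed for the illustration.

```c
/* Added example, not from the page: a case-sensitive HTML blocklist beside
 * the output encoding that neutralizes every variant at once. */
#include <stdio.h>
#include <string.h>

/* Vulnerable control: reject input containing any listed fragment.  strstr
 * is case-sensitive, and three entries cannot cover HTML's elements and
 * event handlers, so both mixed case and an unlisted tag walk through. */
static const char *BLOCKED[] = { "<script", "javascript:", "onload=" };

int blocklist_rejects(const char *s)
{
    for (size_t i = 0; i < sizeof BLOCKED / sizeof BLOCKED[0]; i++)
        if (strstr(s, BLOCKED[i]) != NULL)
            return 1;
    return 0;
}

/* Hardened: do not decide what is dangerous; encode for the context.  In an
 * HTML text or attribute context these five characters are the ones that
 * can change document structure, so every tag, in any case, is inert.
 * Returns the encoded length, or (size_t)-1 if out is too small. */
size_t html_escape(const char *in, char *out, size_t out_size)
{
    size_t o = 0;
    for (size_t i = 0; in[i] != '\0'; i++) {
        const char *rep;
        char one[2] = { in[i], '\0' };
        switch (in[i]) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#x27;"; break;
        default:   rep = one;      break;
        }
        size_t r = strlen(rep);
        if (o + r + 1 > out_size)
            return (size_t)-1;
        memcpy(out + o, rep, r);
        o += r;
    }
    out[o] = '\0';
    return o;
}

int main(void)
{
    const char *payloads[] = {                        /* constructed inputs */
        "<script>alert(1)</script>",
        "<ScRiPt>alert(1)</ScRiPt>",
        "<img src=x onerror=alert(1)>",
    };
    char out[128];
    for (size_t i = 0; i < sizeof payloads / sizeof payloads[0]; i++) {
        html_escape(payloads[i], out, sizeof out);
        printf("blocklist=%d  encoded=%s\n", blocklist_rejects(payloads[i]), out);
    }
    return 0;
}
```

The encoder is specific to one context on purpose. The same five characters are not the right set for a JavaScript string, a URL parameter or an SQL literal, which is why encoding belongs at the point of output where the context is known, not at the point of input where it is not.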
Incorrect Regular Expression
Regular expressions are a powerful tool for validating and filtering input, but a poorly written regex can silently accept dangerous data or reject legitimate…
Overly Restrictive Regular Expression
This weakness occurs when a regular expression is written so strictly that it rejects legitimate input that should be accepted. While the intent is often to…