Common Weakness Enumeration — the root causes behind every CVE
CWE catalogs the root causes behind CVEs — SQL injection, XSS, broken auth, and 300+ others that keep showing up in security advisories. Each entry here covers how it happens, what it costs when someone exploits it, and the fix that actually closes it.
Incorrect Default Permissions
Incorrect default permissions occur when software is installed or configured with overly permissive access controls on files, directories, databases, or…
Insecure Inherited Permissions
This weakness occurs when a newly created resource file, directory, process, or object automatically inherits overly permissive access controls from its parent…
Incorrect Execution-Assigned Permissions
This weakness occurs when software runs with permissions that differ from what the administrator or developer intended, usually because the runtime environment…
Improper Handling of Insufficient Permissions or Privileges
This weakness occurs when software fails to properly check or respond to permission errors before attempting a sensitive operation. Instead of gracefully…
Improper Preservation of Permissions
This weakness occurs when software copies, restores, or transfers a file but fails to preserve its original access permissions. The result is that a file may…
Improper Ownership Management
Improper ownership management occurs when software fails to correctly assign or maintain ownership of critical resources—such as files, directories, processes…
Unverified Ownership
This weakness occurs when software allows an operation on a resource—such as a file, database record, or user account—without first confirming that the person…
Improper Access Control
Improper access control occurs when software fails to enforce, or incorrectly implements, restrictions on who can access specific resources, features, or data…
Improper Authorization
Improper authorization occurs when software fails to correctly verify whether a user has permission to perform a requested action or access a resource. This…
Incorrect User Management
Incorrect user management occurs when software fails to properly handle the creation, modification, or removal of user accounts in a way that maintains…
Improper Authentication
Improper authentication occurs when software fails to adequately verify that a user is who they claim to be. Instead of properly validating credentials, the…
Authentication Bypass Using an Alternate Path or Channel
This weakness occurs when a web application or service requires authentication to access a resource or feature, but an alternate path, API endpoint, or…
Authentication Bypass by Alternate Name
This weakness occurs when an application authenticates users based on a name or identifier, but fails to account for alternate forms of that same name—such as…
Authentication Bypass by Spoofing
This weakness occurs when an application uses easily forged characteristics—such as IP addresses, hostnames, or HTTP headers—as the primary basis for…
Reliance on IP Address for Authentication
This weakness occurs when software treats an IP address as sufficient proof of a user's identity. Because IP addresses can be spoofed, shared across multiple…
Authentication Bypass by Capture-replay
A capture-replay vulnerability occurs when an attacker can record a legitimate user's authentication traffic and replay it later to gain unauthorized access…
Improper Certificate Validation
Improper certificate validation occurs when software fails to verify that a TLS/SSL certificate is legitimate before trusting it. This allows an attacker…
Improper Validation of Certificate with Host Mismatch
This weakness occurs when software connects to a remote host over HTTPS or another certificate-based protocol but fails to verify that the certificate's…
Channel Accessible by Non-Endpoint
This weakness occurs when software fails to properly verify the identity of both parties in a communication channel, leaving it vulnerable to man-in-the-middle…
Authentication Bypass by Assumed-Immutable Data
This weakness occurs when an application trusts data it shouldn't—typically information stored on the client side or in places an attacker can modify—to verify…
Incorrect Implementation of Authentication Algorithm
This weakness occurs when a system implements an authentication mechanism that deviates from its intended design, weakening the security it should provide…
Missing Critical Step in Authentication
This weakness occurs when an authentication system skips or incompletely implements a security step that is essential to the authentication method. Even if…
Authentication Bypass by Primary Weakness
This weakness describes a fundamental flaw in how an application verifies user identity — one so broken that it can be bypassed entirely, regardless of how…
Missing Authentication for Critical Function
Missing authentication for critical functions allows anyone—authenticated user or complete stranger—to perform sensitive operations without proving their…
Improper Restriction of Excessive Authentication Attempts
This weakness occurs when a system allows an attacker to make unlimited login attempts without penalty. Without rate limiting or account lockouts, an attacker…
Use of Single-Factor Authentication
Single-factor authentication relies on only one method—typically a password—to verify a user's identity. This approach is inherently weaker than multi-factor…
Use of Password System for Primary Authentication
This weakness occurs when an application relies solely on passwords to verify user identity, without additional verification methods. Passwords alone are…
Cryptographic Issues
Cryptographic Issues encompass weaknesses in how software chooses, configures, and implements cryptographic algorithms and protocols. These flaws can range…
Missing Encryption of Sensitive Data
This weakness occurs when an application stores or transmits sensitive information—such as passwords, payment card data, API keys, or personal…
Cleartext Storage of Sensitive Information
This weakness occurs when sensitive data—such as passwords, API keys, authentication tokens, or personal information—is stored in plain, unencrypted form where…