CWE - Common Weakness Enumeration

CWE Glossary Definition

[画像:CWE]

Knowing the weaknesses that result in vulnerabilities means software developers, hardware designers, and security architects can eliminate them before deployment, when it is much easier and cheaper to do so

Learn About CWE
Overview – Learn what CWE is and how to use the information available on this website Basics FAQs Glossary	Root Cause Mapping – Learn about identifying the underlying cause(s) of a vulnerability Guidance Quick Tips Examples

Access Content
All Weaknesses (944 total) Top-N Lists Search CWE View CWEs by CWE REST API

Contribute
Contribute CWE Content Participate in Working Groups

Latest News and Updates
News CWE Version 4.18 Now Available! News "2025 CWE™ Most Important Hardware Weaknesses" Now Available Podcast Mapping CVEs to CWEs Is Main Topic of "We Speak CVE" Podcast News Videos of Three CWE-Focused Sessions at VulnCon 2025 Now Available Podcast "Root Cause Mapping and the CWE Top 25" News "2024 CWE Top 10 KEV Weaknesses" List Now Available Community View and Comment on Community Submissions in the "CWE Content Development Repository (CDR)" See More >>

Latest News and Updates

News CWE Version 4.18 Now Available!

News "2025 CWE™ Most Important Hardware Weaknesses" Now Available

Podcast Mapping CVEs to CWEs Is Main Topic of "We Speak CVE" Podcast

News Videos of Three CWE-Focused Sessions at VulnCon 2025 Now Available

Podcast "Root Cause Mapping and the CWE Top 25"

News "2024 CWE Top 10 KEV Weaknesses" List Now Available

Community View and Comment on Community Submissions in the "CWE Content Development Repository (CDR)"

More information is available — Please edit the custom filter or select a different filter.

Page Last Updated: September 06, 2025

MITRE

Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2025, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.

HSSEDI