To suggest new CWEs or modifications to existing CWEs, use the CWE Content Submission Web Form to start the process.
All submissions must adhere to the Terms of Use.
CWE Content Submissions Flow ChartFor new weaknesses, there are four (4) required elements:
For modifications to existing weaknesses, there are three (3) required elements:
After clicking "Submit" on the form, you will receive a confirmation message and your suggestion will be added to the CWE Team’s working queue. After internal processing, it will be added to the CWE Content Development Repository (CDR) on GitHub for CWE community partners to track and provide input.
To gain access to the CDR to track and contribute to developing CWE suggestions, please email your GitHub username to cwe-submissions@mitre.org.
Complete content development guidelines, and a detailed breakdown of the process are available in the CDR here.
Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2025, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.