Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

Common Weakness Scoring System
Common Weakness Risk Analysis Framework

Status Report

Version 2.9 posted December 7, 2015. There was 1 new entry with a new view for the CWE List used by NVD. There were major changes to 119 entries, primarily affecting relationships. There were no schema updates. Read the release notes.

More Information

CWE™ International in scope and free for public use, CWE provides a unified, measurable set of software weaknesses that is enabling more effective discussion, description, selection, and use of software security tools and services that can find these weaknesses in source code and operational systems as well as better understanding and management of software weaknesses related to architecture and design.
CWE in the Enterprise
Page Last Updated: June 07, 2016