At its core, the Common Weakness Enumeration (CWE™) is a list of software weaknesses types. Creating the list is a community initiative aimed at creating specific and succinct definitions for each common weakness type. By leveraging the widest possible group of interests and talents, the hope is to ensure that item in the list is adequately described and differentiated. This is a living effort with ongoing work to capture the specific effects, behaviors, exploit mechanisms, and implementation details within the CWE List as well as to review and revise the presentation approaches to provide those that best suit the community using this information.
Use one of the hierarchical representation below to navigate the entire list according to your specific point of view. The Research Concepts representation facilitates research into weakness types and organizes items by behaviors. The Development Concepts representation organizes items by concepts that are frequently used or encountered during development.
These views are used to represent mappings to external groupings such as a Top-N list, as well as to express subsets of entries that are related by some external factor.
A number of additional helpful views have been created. These are based on a specific criteria and hope to provide insight for a certain domain or use case.
Includes previous release versions of the core content downloads, schemas, schema documentation, and difference reports.