CWE

Common Weakness Enumeration

A Community-Developed List of Software & Hardware Weakness Types
2021 CWE Most Important Hardware Weaknesses
CWE Top 25 Most Dangerous Weaknesses
 
ID
CWE™ is a community-developed list of software and hardware weakness types. It serves as a common language, a measuring stick for security tools, and as a baseline for weakness identification, mitigation, and prevention efforts.

CWE List Quick Access
View CWE



Search CWE

Total Weaknesses: 927
2022 CWE Top 25 Most Dangerous Software Weaknesses

2022 CWE Top 25 Most Dangerous Software Weaknesses

They are dangerous because they are often easy to find, exploit, and can allow adversaries to completely take over a system, steal data, or prevent an application from working.
Community Engagement
Hardware CWE Special Interest Group
  Join HW CWE SIG
ICS/OT Special Interest Group
  Join ICS/OT SIG
REST API Working Group
  Join REST API WG
User Experience Working Group
  Join UE WG
CWE/CAPEC Board
  Read meeting minutes
CWE News





More >>

Please see our Guidelines for New Content Suggestions
For other ways to get involved, contact us
More information is available — Please select a different filter.
Page Last Updated: September 13, 2022
 

Use of the Common Weakness Enumeration (CWE) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2022, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.