CWE

Common Weakness Enumeration

A Community-Developed List of Software & Hardware Weakness Types

New to CWE? click here!
CWE Most Important Hardware Weaknesses
CWE Top 25 Most Dangerous Weaknesses
 
ID

CWE™ is a community-developed list of software and hardware weakness types. It serves as a common language, a measuring stick for security tools, and as a baseline for weakness identification, mitigation, and prevention efforts.
2023 CWE Top 10 KEV Weaknesses
CWE Top 10 KEV Weaknesses

This list identifies the top ten CWEs in the Cybersecurity and Infrastructure Security Agency’s (CISA) “Known Exploited Vulnerabilities (KEV) Catalog,” a database of security flaws in software applications that have been exposed and leveraged by attackers. Our analysis/key insights about the list are available here, and our methodology for creating the list is here.



Community Engagement
Hardware CWE Special Interest Group
 Join HW CWE SIG
ICS/OT Special Interest Group
 Join ICS/OT SIG
REST API Working Group
 Join REST API WG
User Experience Working Group
 Join UE WG
CWE/CAPEC Board
 Read meeting minutes




Please see our Guidelines for New Content Suggestions
For other ways to get involved, contact us
Page Last Updated: January 19, 2024