CWE - Common Weakness Enumeration

Knowing the weaknesses that result in vulnerabilities means software developers, hardware designers, and security architects can eliminate them before deployment, when it is much easier and cheaper to do so

Learn About CWE
Overview – Learn what CWE is and how to use the information available on this website Basics FAQs Glossary	Root Cause Mapping – Learn about identifying the underlying cause(s) of a vulnerability Guidance Quick Tips Examples

Access Content
All Weaknesses (943 total) Top-N Lists Search CWE View CWEs by CWE REST API


	Site Map \| Terms of Use \| Manage Cookies \| Cookie Notice \| Privacy Policy \| Contact Us \| Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2025, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.