Common Weakness Enumeration

A Community-Developed List of Software & Hardware Weakness Types

New to CWE? click here!
CWE Most Important Hardware Weaknesses
CWE Top 25 Most Dangerous Weaknesses
Home > CWE Top 25  

CWE Top 25 Most Dangerous Software Weaknesses

CWE Top 25 logo

Welcome to the 2023 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses list (CWE™ Top 25). This list demonstrates the currently most common and impactful software weaknesses.

Often easy to find and exploit, these can lead to exploitable vulnerabilities that allow adversaries to completely take over a system, steal data, or prevent applications from working.

CWEs are becoming more and more prevalent in vulnerability exposure conversations as the community looks to avoid the root causes that can become vulnerabilities. Links to information and documents that will help you understand and use the CWE Top 25 more effectively are noted below.

Available now:

Coming soon:

  • Actively Exploited — Ranking weaknesses by CISA’s KEV Catalog.

Top 25 Archive

Page Last Updated: September 18, 2023