Welcome to the 2023 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses list (CWE™ Top 25). This list demonstrates the currently most common and impactful software weaknesses.
Often easy to find and exploit, these can lead to exploitable vulnerabilities that allow adversaries to completely take over a system, steal data, or prevent applications from working.
|2023 Top 25 List
CWEs are becoming more and more prevalent in vulnerability exposure conversations as the community looks to avoid the root causes that can become vulnerabilities. Links to information and documents that will help you understand and use the CWE Top 25 more effectively are noted below.
- Actively Exploited — Ranking weaknesses by CISA’s KEV Catalog.
Top 25 Archive