Cwe 20

🧬 CWE Related 125

slug: cwe-20

Explanation

CWE-20は「ユーザーから受け取ったデータが、想定された形式・範囲・型かをきちんとチェックせずに使ってしまう欠陥」のことです。非常に広い概念で、SQLi・XSS・コマンドインジェクションなど多くの攻撃の前段階となります。「入力は信用するな (Trust Boundaries の概念)」がセキュリティ設計の基本原則です。

📌 Example

多くのCISA KEV登録CVEがこのCWEに分類されており、2024年だけで100件以上の悪用事例があります。

🔗 Related links

MITRE CWE-20 公式ページ ↗

🔖 Related tags

Cwe 78120 Cwe 787105 Cwe 41699 Cwe 2296 Cwe 11990 Cwe 9484 Cwe 50270 Cwe 7966 Cwe 8954 Cwe 91844 Cwe 28443 Cwe 28741 Cwe 7740 Cwe 30638 Cwe 84337

🛡 Vulnerabilities tagged with this 128

ID	Title	Severity	Detected
CVE-2026-42301	Vulnerability in CVE-2026-42301 (CVE-2026-42301)	High	19 hours ago
CVE-2026-29202	Vulnerability in CVE-2026-29202 (CVE-2026-29202)	High	1 day ago
CVE-2026-29201	Vulnerability in CVE-2026-29201 (CVE-2026-29201)	Medium	1 day ago
CVE-2026-44336	Vulnerability in praison (CVE-2026-44336)	Critical	1 day ago
CVE-2026-44337	Vulnerability in praison (CVE-2026-44337)	Medium	1 day ago
CVE-2026-43944	Vulnerability in electerm (CVE-2026-43944)	Critical	1 day ago
CVE-2026-42261	Vulnerability in ssrf (CVE-2026-42261)	High	1 day ago
CVE-2026-33844	Vulnerability in apache (CVE-2026-33844)	Critical	2 days ago
CVE-2026-6973 KEV	[KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973)	High	2 days ago
CVE-2026-7989	Vulnerability in google (CVE-2026-7989)	Medium	3 days ago
CVE-2026-7916	Vulnerability in google (CVE-2026-7916)	High	3 days ago
CVE-2026-43117	Vulnerability in linux (CVE-2026-43117)	Critical	3 days ago
CVE-2026-34197 KEV	[KEV] Vulnerability in Apache activemq (CVE-2026-34197)	High	3 weeks ago
CVE-2026-32201 KEV	[KEV] Vulnerability in Microsoft sharepoint-server (CVE-2026-32201)	High	3 weeks ago
CVE-2012-1854 KEV	[KEV] Vulnerability in Microsoft visual-basic-for-applications-vba (CVE-2012-1854)	High	3 weeks ago
CVE-2025-20393 KEV	[KEV] Vulnerability in Cisco multiple-products (CVE-2025-20393)	High	4 months ago
CVE-2025-54236 KEV	[KEV] Vulnerability in Adobe commerce (CVE-2025-54236)	Critical	6 months ago
CVE-2025-6558 KEV	[KEV] Vulnerability in Google chromium (CVE-2025-6558)	High	9 months ago
CVE-2024-21413 KEV	[KEV] Vulnerability in Microsoft office-outlook (CVE-2024-21413)	High	1 year ago
CVE-2016-3714 KEV	[KEV] Vulnerability in imagemagick (CVE-2016-3714)	High	1 year ago
CVE-2024-38189 KEV	[KEV] Vulnerability in Microsoft project (CVE-2024-38189)	High	1 year ago
CVE-2024-30040 KEV	[KEV] Vulnerability in Microsoft windows (CVE-2024-30040)	High	1 year ago
CVE-2024-3400 KEV	[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400)	High	2 years ago
CVE-2023-41266 KEV	[KEV] Vulnerability in Qlik sense (CVE-2023-41266)	High	2 years ago
CVE-2023-36563 KEV	[KEV] Vulnerability in Microsoft wordpad (CVE-2023-36563)	High	2 years ago
CVE-2014-8361 KEV	[KEV] Vulnerability in Realtek sdk (CVE-2014-8361)	High	2 years ago
CVE-2021-25489 KEV	[KEV] Vulnerability in Samsung mobile-devices (CVE-2021-25489)	High	2 years ago
CVE-2023-2868 KEV	[KEV] Vulnerability in Barracuda networks barracuda-networks (CVE-2023-2868)	High	2 years ago
CVE-2010-3904 KEV	[KEV] Vulnerability in Linux kernel (CVE-2010-3904)	High	2 years ago
CVE-2021-30900 KEV	[KEV] Vulnerability in Apple ios (CVE-2021-30900)	High	3 years ago

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →