Cwe 20

🧬 CWE Related 125
slug: cwe-20

Explanation

CWE-20は「ユーザーから受け取ったデータが、想定された形式・範囲・型かをきちんとチェックせずに使ってしまう欠陥」のことです。 非常に広い概念で、SQLi・XSS・コマンドインジェクションなど多くの攻撃の前段階となります。 「入力は信用するな (Trust Boundaries の概念)」がセキュリティ設計の基本原則です。
📌 Example
多くのCISA KEV登録CVEがこのCWEに分類されており、2024年だけで100件以上の悪用事例があります。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,695

ID Title
CVE-2026-9969 Vulnerability in google (CVE-2026-9969)
CVE-2026-9950 Vulnerability in google (CVE-2026-9950)
CVE-2026-9914 Vulnerability in google (CVE-2026-9914)
CVE-2026-49095 Vulnerability in elk (CVE-2026-49095)
CVE-2026-30760 Vulnerability in CVE-2026-30760 (CVE-2026-30760)
CVE-2026-22872 Vulnerability in github.com/projectcapsule/capsule (CVE-2026-22872)
CVE-2026-30963 Vulnerability in github.com/projectcapsule/capsule (CVE-2026-30963)
CVE-2026-5509 Vulnerability in tp-link (CVE-2026-5509)
CVE-2026-42553 Vulnerability in cinny (CVE-2026-42553)
CVE-2026-42459 Vulnerability in github.com/free5gc/udm (CVE-2026-42459)
CVE-2026-48922 Path Traversal in org.jenkins-ci.plugins:credentials-binding (CVE-2026-48922)
CVE-2026-24195 Vulnerability in dos (CVE-2026-24195)
CVE-2025-33221 Vulnerability in dos (CVE-2025-33221)
CVE-2026-43935 Vulnerability in CVE-2026-43935 (CVE-2026-43935)
CVE-2026-9521 Vulnerability in CVE-2026-9521 (CVE-2026-9521)
CVE-2026-9497 Vulnerability in org.mengyun:tcc-transaction (CVE-2026-9497)
CVE-2026-40411 Vulnerability in microsoft (CVE-2026-40411)
CVE-2026-26147 Vulnerability in microsoft (CVE-2026-26147)
CVE-2026-3294 Vulnerability in tp-link (CVE-2026-3294)
CVE-2026-44417 Vulnerability in org.apache.cxf:cxf-rt-transports-jms (CVE-2026-44417)
CVE-2026-5072 Vulnerability in c (CVE-2026-5072)
CVE-2026-34910 KEV [KEV] Vulnerability in Ubiquiti ui (CVE-2026-34910)
CVE-2026-33000 Vulnerability in ui (CVE-2026-33000)
CVE-2026-46679 Vulnerability in @libp2p/gossipsub (CVE-2026-46679)
CVE-2026-9157 Vulnerability in CVE-2026-9157 (CVE-2026-9157)
CVE-2026-9124 Vulnerability in google (CVE-2026-9124)
CVE-2026-20240 Vulnerability in dos (CVE-2026-20240)
CVE-2026-5946 Vulnerability in isc (CVE-2026-5946)
CVE-2026-45783 Vulnerability in @libp2p/kad-dht (CVE-2026-45783)
CVE-2026-46357 Vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46357)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →