Cwe 20

🧬 CWE Related 125
slug: cwe-20

Explanation

CWE-20は「ユーザーから受け取ったデータが、想定された形式・範囲・型かをきちんとチェックせずに使ってしまう欠陥」のことです。 非常に広い概念で、SQLi・XSS・コマンドインジェクションなど多くの攻撃の前段階となります。 「入力は信用するな (Trust Boundaries の概念)」がセキュリティ設計の基本原則です。
📌 Example
多くのCISA KEV登録CVEがこのCWEに分類されており、2024年だけで100件以上の悪用事例があります。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,695

ID Title
CVE-2026-42809 Vulnerability in org.apache.polaris:polaris-runtime-service (CVE-2026-42809)
CVE-2026-42810 Vulnerability in org.apache.polaris:polaris-core (CVE-2026-42810)
CVE-2026-42811 Vulnerability in org.apache.polaris:polaris-core (CVE-2026-42811)
CVE-2026-42812 Vulnerability in org.apache.polaris:polaris-runtime-service (CVE-2026-42812)
CVE-2026-37458 Vulnerability in dos (CVE-2026-37458)
CVE-2026-1577 Vulnerability in dos (CVE-2026-1577)
CVE-2026-41654 Vulnerability in weblate (CVE-2026-41654)
CVE-2025-14576 Vulnerability in dos (CVE-2025-14576)
CVE-2024-54011 Vulnerability in hanwhavision (CVE-2024-54011)
CVE-2026-40068 Vulnerability in @anthropic-ai/claude-code (CVE-2026-40068)
CVE-2026-41044 Vulnerability in org.apache.activemq:apache-activemq (CVE-2026-41044)
CVE-2026-40466 Vulnerability in org.apache.activemq:apache-activemq (CVE-2026-40466)
CVE-2026-31192 Vulnerability in raindrop (CVE-2026-31192)
CVE-2025-13826 Vulnerability in dos (CVE-2025-13826)
CVE-2026-33436 Vulnerability in stirlingpdf (CVE-2026-33436)
CVE-2026-21733 Vulnerability in CVE-2026-21733 (CVE-2026-21733)
CVE-2026-34197 KEV [KEV] Vulnerability in Apache activemq (CVE-2026-34197)
CVE-2026-40261 Vulnerability in getcomposer (CVE-2026-40261)
CVE-2026-40176 Vulnerability in getcomposer (CVE-2026-40176)
CVE-2026-6328 Vulnerability in CVE-2026-6328 (CVE-2026-6328)
CVE-2026-33116 Vulnerability in csharp (CVE-2026-33116)
CVE-2026-32203 Vulnerability in csharp (CVE-2026-32203)
CVE-2026-32201 KEV [KEV] Vulnerability in Microsoft sharepoint-server (CVE-2026-32201)
CVE-2012-1854 KEV [KEV] Vulnerability in Microsoft visual-basic-for-applications-vba (CVE-2012-1854)
CVE-2026-5879 Vulnerability in google (CVE-2026-5879)
CVE-2025-48651 Vulnerability in google (CVE-2025-48651)
CVE-2026-34760 Vulnerability in vllm (CVE-2026-34760)
CVE-2026-21712 Vulnerability in CVE-2026-21712 (CVE-2026-21712)
CVE-2026-33894 Vulnerability in digitalbazaar (CVE-2026-33894)
CVE-2026-33758 Vulnerability in openbao (CVE-2026-33758)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →