CWE Program

Account maintained by the Common Weakness Enumeration (CWE™) Program to update the community on CWE--related announcements.
cwe.mitre.org

CWE ProgramCWE_Program
2025-06-19

Learn about CWE’s most important problems and where they fit within the challenges faced by the broader / ecosystem in this video from

youtu.be/RcR-EFSptnQ

“Hard Problems in CWE, and What it Tells us about Hard Problems in the Industry,” presentation from “CVE/FIRST VulnCon 2025.” Speaker: CWE Program Technical Lead Steve Christey Coley.
CWE ProgramCWE_Program
2025-06-11

Hardware SIG members—Reminder that our next meeting is Friday, 6/13/2025, at 12:30-1:30 PM EDT (16:30 – 17:30 UTC)

Topic:
- Continue discussion regarding Memory Access Related Weaknesses as they relate to hardware

Join HW SIG: bit.ly/3SCkqyk

CWE ProgramCWE_Program
2025-05-27

User Experience Working Group (UEWG) members — Reminder that our next meeting is tomorrow, Wednesday, 5/28/2025, at 12:00-1:00PM EST

Topics:
- “CWE and Proactive Vulnerability Management” presentation by Przemyslaw Roguski, aka Rogue
- “CWE Content Development Repository (CDR) Overview” presentation by Connor Mullaly
- Open Discussion

About CWE UEWG: bit.ly/3CIylfz

CWE ProgramCWE_Program
2025-05-07

Hardware SIG members—Reminder that our next meeting is Friday, 5/9/2025, at 12:30-1:30 PM EDT (16:30 – 17:30 UTC)

Topic:
- Memory Access Weaknesses in HW discussion
- Most Important Hardware Weaknesses Working Group (MIHW WG) update

Join CWE HW SIG: bit.ly/3SCkqyk

CWE ProgramCWE_Program
2025-04-15

Learn @ the Top 25, it’s value to defenders, & how CNAs help create the list; the purpose & benefits of mapping the root causes of vulnerabilities identified in CVE Records to CWE ; Root Cause Mapping (RCM) tips; & much more!

youtube.com/watch?v=8pe6w3PNpt8

Listen to the CWE Podcast -- "Root Cause Mapping and the CWE Top 25" -- on our YouTube Channel
CWE ProgramCWE_Program
2025-04-15

Thank you so much to everyone who attended the talks at the conference!!!

We’re already looking forward to next year’s event!

cwe.mitre.org

CVE/FIRST VulnCon:  Collaborate | Communicate | Coordinate
CWE ProgramCWE_Program
2025-04-14

Follow the CWE Program on Bluesky!
Please also follow us there for program news, new versions, updates on community activities, & more at bsky.app/profile/cweprogram.bs

https://bsky.app/profile/cweprogram.bsky.social
CWE ProgramCWE_Program
2025-04-10

Hardware SIG members—Reminder that our next meeting is tomorrow, Friday, 4/11/2025, at 12:30-1:30 PM EDT (16:30 – 17:30 UTC)

Topic:
- Most Important Hardware Weaknesses Working Group (MIHW WG) update

HW CWE SIG info: bit.ly/3SCkqyk

CWE ProgramCWE_Program
2025-04-10

Day 4 of “CVE/FIRST VulnCon 2025”!

Today’s agenda for all 4 tracks:
first.org/conference/vulncon20

The CVE Program and FIRST are co-hosting "VulnCon 2025" at the McKimmon Center in Raleigh, North Carolina, USA, on April 7-10, 2025.
CWE ProgramCWE_Program
2025-04-09

Day 3 of “CVE/FIRST VulnCon 2025”!

Today’s agenda for all 3 tracks: first.org/conference/vulncon20

The CVE Program and FIRST are co-hosting "VulnCon 2025" at the McKimmon Center in Raleigh, North Carolina, USA, on April 7-10, 2025.
CWE ProgramCWE_Program
2025-04-08

Day 2 of “CVE/FIRST VulnCon 2025”!

Today’s agenda for all 7 tracks: first.org/conference/vulncon20

The CVE Program and FIRST are co-hosting "VulnCon 2025" at the McKimmon Center in Raleigh, North Carolina, USA, on April 7-10, 2025.
CWE ProgramCWE_Program
2025-04-07

Day 1 of “CVE/FIRST VulnCon 2025” is here!

Today’s agenda for all 5 tracks: first.org/conference/vulncon20

The CVE Program and FIRST are co-hosting "VulnCon 2025" at the McKimmon Center in Raleigh, North Carolina, USA, on April 7-10, 2025.
CWE ProgramCWE_Program
2025-04-03

The Program is excited to announce that its “Content Development Repository (CDR)” is now fully public!

The CDR enables greater transparency and community collaboration on developing CWE information.

The broader cybersecurity community can better track and contribute to new weakness content development as well as the updating, modifying, and strengthening of existing corpus information.

Check it out here: cwe.mitre.org/news/archives/ne

CWE ProgramCWE_Program
2025-04-03

Want to know the top ten in CISA’s “Known Exploited Vulnerabilities () Catalog”?

The “2024 CWE Top 10 KEV Weaknesses” list is now available on the CWE website!

List - cwe.mitre.org/top25/archive/20
Key Insights - cwe.mitre.org/top25/archive/20
Methodology - cwe.mitre.org/top25/archive/20

Tree Map of the https://cwe.mitre.org/top25/archive/2024/2024_kev_list.html
CWE ProgramCWE_Program
2025-04-03

CWE 4.17 is now available! This latest release includes 3 new weaknesses, major updates to an related weakness + extensive usability improvements to the website landing page, website navigation, CWE entry page renderings, tables, lists, & more

cwe.mitre.org/news/archives/ne

New Common Weakness Enumeration (CWE™) List Version Released!
CWE ProgramCWE_Program
2025-04-02

“CVE/FIRST VulnCon 2025” is next week, April 7-10!

There are four talks on the agenda and it’s not too late to attend!

Virtual admission registration (US $100.00) closes on April 4, so register today at first.org/conference/vulncon20

The CVE Program and FIRST will co-host "VulnCon 2025" next week at the McKimmon Center in Raleigh, North Carolina, USA, on April 7-10, 2025. Virtual admission registration, which closes on April 4, 2025, is US $100.00.
CWE ProgramCWE_Program
2025-03-25

User Experience Working Group (UEWG) members — Reminder that our next meeting is Wednesday, 3/26/2025, at 12:00-1:00PM EST

Topics:
- Macro-Usability Changes for CWE 4.17
- CWE Views Questions & Guidance
- Open Discussion

About CWE UEWG: bit.ly/3CIylfz

CWE ProgramCWE_Program
2025-03-13

Hardware SIG members—Reminder that our next meeting is tomorrow, Friday, 3/14/2025, at 12:30-1:30 PM EDT (16:30 – 17:30 UTC)

Topic:
- General status of current HW Submissions
- HW Crypto Leak Submission Review
- MIHW WG Update

HW CWE SIG info: bit.ly/3SCkqyk

CWE ProgramCWE_Program
2025-03-10

Check out the four talks in the agenda for “CVE/FIRST VulnCon 2025” on April 7-10, 2025!
first.org/conference/vulncon20

Virtual & In-person registration available. Register today!

The CVE Program and FIRST will co-host "VulnCon 2025" at the McKimmon Center in Raleigh, North Carolina, USA, on April 7-10, 2025. Registration, both virtual and in-person, is open on the FIRST website.

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst