CWE-241Improper Handling of Unexpected Data Type

Abstraction: Base · CVEs in our corpus: 32

The product does not handle or incorrectly handles when a particular element is not the expected type, e.g. it expects a digit (0-9) but is provided with a letter (A-Z).

Last updated: 09 May 2026 03:25 UTC

NIST 800-53 r5 controls that address this weakness (0)AI

Control	Title	Family	Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE	Risk	CVSS	EPSS	Published
`CVE-2022-29181`	1.9	8.2	0.0418	2022-05-20
`CVE-2021-40116`	1.8	8.6	0.0078	2021-10-27
`CVE-2022-39064`	1.6	8.1	0.0009	2022-10-14
`CVE-2023-30591`	1.6	7.5	0.0221	2023-09-29
`CVE-2021-39131`	1.5	7.5	0.0058	2021-08-17
`CVE-2022-24668`	1.5	7.5	0.0043	2022-02-09
`CVE-2022-1642`	1.5	7.5	0.0022	2022-06-16
`CVE-2022-3029`	1.5	7.5	0.0054	2022-09-13
`CVE-2024-21523`	1.5	7.5	0.0022	2024-07-10
`CVE-2024-21526`	1.5	7.5	0.0009	2024-07-10
`CVE-2025-2268`	1.5	7.5	0.0039	2025-03-14
`CVE-2025-63548`	1.5	7.5	0.0014	2026-05-01
`CVE-2021-0242`	1.3	6.5	0.0008	2021-04-22
`CVE-2022-39065`	1.3	6.5	0.0009	2022-10-14
`CVE-2024-0151`	1.3	6.5	0.0013	2024-04-24
`CVE-2022-22219`	1.2	5.9	0.0049	2022-10-18
`CVE-2023-28961`	1.2	5.8	0.0025	2023-04-17
`CVE-2022-22193`	1.1	5.5	0.0005	2022-04-14
`CVE-2023-5215`	1.1	5.3	0.0005	2023-09-28
`CVE-2024-25966`	1.1	5.3	0.0051	2024-05-14
`CVE-2024-9423`	1.1	5.3	0.0019	2024-10-02
`CVE-2025-1004`	1.1	5.3	0.0020	2025-02-06
`CVE-2025-66550`	1.1	5.7	0.0002	2025-12-05
`CVE-2024-21927`	1.0	5.0	0.0010	2025-09-23
`CVE-2024-21935`	1.0	5.0	0.0006	2025-09-23