CWE · MITRE source
CWE-348Use of Less Trusted Source
The product has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (1)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
SC-21 | Secure Name/Address Resolution Service (Recursive or Caching Resolver) | SC | Prevents use of less-trusted or adversarial sources by requiring proof of origin and integrity before accepting responses. |
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2024-45410 | 2.8 | 9.8 | 0.1395 | 2024-09-19 |
CVE-2022-31813 | 2.0 | 9.8 | 0.0005 | 2022-06-09 |
CVE-2024-27773 | 1.8 | 8.8 | 0.0008 | 2024-03-18 |
CVE-2025-48865 | 1.8 | 9.1 | 0.0017 | 2025-05-30 |
CVE-2025-59951 | 1.8 | 9.1 | 0.0005 | 2025-10-01 |
CVE-2025-69240 | 1.8 | 8.8 | 0.0002 | 2026-03-16 |
CVE-2021-21374 | 1.6 | 8.1 | 0.0031 | 2021-03-26 |
CVE-2024-47880 | 1.6 | 8.1 | 0.0019 | 2024-10-24 |
CVE-2025-55292 | 1.6 | 8.2 | 0.0003 | 2026-01-28 |
CVE-2021-21373 | 1.5 | 7.5 | 0.0019 | 2021-03-26 |
CVE-2022-2255 | 1.5 | 7.5 | 0.0068 | 2022-08-25 |
CVE-2024-23105 | 1.5 | 7.5 | 0.0008 | 2024-05-14 |
CVE-2025-27913 | 1.5 | 7.5 | 0.0011 | 2025-03-10 |
CVE-2026-35391 | 1.5 | 7.5 | 0.0002 | 2026-04-06 |
CVE-2022-4539 | 1.4 | 5.3 | 0.0515 | 2024-08-31 |
CVE-2025-47424 | 1.4 | 7.1 | 0.0010 | 2025-05-09 |
CVE-2022-4537 | 1.3 | 6.5 | 0.0013 | 2023-05-09 |
CVE-2022-4532 | 1.3 | 6.5 | 0.0011 | 2024-08-17 |
CVE-2025-43918 | 1.3 | 6.4 | 0.0006 | 2025-04-19 |
CVE-2025-1245 | 1.3 | 6.5 | 0.0011 | 2025-05-16 |
CVE-2026-35507 | 1.3 | 6.4 | 0.0002 | 2026-04-03 |
CVE-2026-40226 | 1.3 | 6.4 | 0.0001 | 2026-04-10 |
CVE-2026-24910 | 1.2 | 5.9 | 0.0000 | 2026-01-27 |
CVE-2026-3635 | 1.2 | 6.1 | 0.0001 | 2026-03-23 |
CVE-2024-0789 | 1.1 | 5.3 | 0.0009 | 2024-06-19 |