CWE · MITRE source
CWE-402Transmission of Private Resources into a New Sphere ('Resource Leak')
The product makes resources available to untrusted parties when those resources are only intended to be accessed by the product.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2021-31407 | 1.8 | 8.6 | 0.0180 | 2021-04-23 |
CVE-2025-0502 | 1.8 | 9.1 | 0.0036 | 2025-01-15 |
CVE-2021-31410 | 1.7 | 8.6 | 0.0028 | 2021-04-23 |
CVE-2021-23264 | 1.7 | 8.1 | 0.0109 | 2021-12-02 |
CVE-2025-48383 | 1.7 | 8.2 | 0.0029 | 2025-05-27 |
CVE-2023-34467 | 1.6 | 7.5 | 0.0181 | 2023-06-23 |
CVE-2022-3596 | 1.5 | 7.5 | 0.0029 | 2023-09-20 |
CVE-2024-29900 | 1.5 | 7.5 | 0.0038 | 2024-03-29 |
CVE-2025-67745 | 1.4 | 7.1 | 0.0003 | 2025-12-18 |
CVE-2017-8442 | 1.3 | 6.5 | 0.0043 | 2017-07-07 |
CVE-2024-47146 | 1.3 | 6.5 | 0.0007 | 2024-12-06 |
CVE-2021-23263 | 1.2 | 5.9 | 0.0047 | 2021-12-02 |
CVE-2025-49618 | 1.2 | 5.8 | 0.0033 | 2025-07-03 |
CVE-2023-4569 | 1.1 | 5.5 | 0.0001 | 2023-08-28 |
CVE-2024-0443 | 1.1 | 5.5 | 0.0001 | 2024-01-12 |
CVE-2025-29925 | 1.1 | 5.3 | 0.0115 | 2025-03-19 |
CVE-2024-32388 | 1.1 | 5.3 | 0.0003 | 2025-12-01 |
CVE-2022-30231 | 1.0 | 4.9 | 0.0019 | 2022-06-14 |
CVE-2025-52925 | 1.0 | 5.0 | 0.0011 | 2025-07-02 |
CVE-2025-55014 | 1.0 | 4.7 | 0.0019 | 2025-08-04 |
CVE-2023-38509 | 0.9 | 4.3 | 0.0048 | 2023-11-07 |
CVE-2025-32360 | 0.9 | 4.2 | 0.0019 | 2025-04-05 |
CVE-2025-66422 | 0.9 | 4.3 | 0.0005 | 2025-11-30 |