CWE · MITRE source
CWE-501: Trust Boundary Violation
The product mixes trusted and untrusted data in the same data structure or structured message.
A trust boundary can be thought of as a line drawn through a program. On one side of the line, data is untrusted. On the other side of the line, data is assumed to be trustworthy. The purpose of validation logic is to allow data to safely cross the trust boundary, that is, to move from untrusted to trusted. A trust boundary violation occurs when a program blurs the line between what is trusted and what is untrusted. By combining trusted and untrusted data in the same data structure, it becomes easier for programmers to mistakenly trust unvalidated data.
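As an added illustration (not part of the MITRE entry), the weak pattern below merges raw request parameters into the same dictionary that holds server-set session fields, while the hardened version wraps request data in an `Untrusted` marker type and lets it cross only through a validator; the account store, role names and theme allow-list are constructed stand-ins.

```python
from dataclasses import dataclass, fields
from typing import Any

# Constructed stand-ins for a server-side account store and a parameter allow-list.
ACCOUNT_ROLES = {42: "user", 7: "admin"}
ALLOWED_THEMES = frozenset({"light", "dark"})

def weak_session(user_id: int, params: dict[str, str]) -> dict[str, Any]:
    """CWE-501 pattern: raw request parameters are merged into the dict that
    also holds server-set fields, so the client can overwrite 'role'."""
    session: dict[str, Any] = {"user_id": user_id, "role": ACCOUNT_ROLES[user_id]}
    session.update(params)  # trusted and untrusted data now share one structure
    return session

def weak_is_admin(session: dict[str, Any]) -> bool:
    # Downstream code cannot tell that 'role' may have come from the request.
    return session.get("role") == "admin"

@dataclass(frozen=True)
class Untrusted:
    """Marker for data that has not yet crossed the trust boundary."""
    value: Any

@dataclass(frozen=True)
class Session:
    """Trusted side: holds only server-derived or validated values."""
    user_id: int
    role: str
    theme: str

    def __post_init__(self) -> None:
        for f in fields(self):  # refuse anything still marked untrusted
            if isinstance(getattr(self, f.name), Untrusted):
                raise TypeError(f"untrusted value in trusted field {f.name!r}")

def validate_theme(raw: Untrusted) -> str:
    """Single crossing point for 'theme': allow-list check, then unwrap."""
    if raw.value not in ALLOWED_THEMES:
        raise ValueError(f"rejected theme {raw.value!r}")
    return raw.value

def hardened_session(user_id: int, params: dict[str, str]) -> Session:
    """Only validated fields cross; 'role' always comes from the server store."""
    theme = validate_theme(Untrusted(params.get("theme", "light")))
    return Session(user_id=user_id, role=ACCOUNT_ROLES[user_id], theme=theme)
```

With the weak pattern, a request carrying `role=admin` silently promotes the session; with the hardened one, the same request yields the stored role and a rejected or accepted theme, and any attempt to place an `Untrusted` value in a `Session` field fails at construction.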
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (9)
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| AC-20 | Use of External Systems | AC | Establishes and maintains trust boundaries with external organizations before allowing their systems to interact with organization resources. |
| AC-4 | Information Flow Enforcement | AC | Prevents information from crossing trust boundaries without explicit approved authorizations. |
| CA-3 | Information Exchange | CA | Defining interfaces, controls, and trust responsibilities in agreements helps prevent violations of trust boundaries during data exchanges. |
| CA-9 | Internal System Connections | CA | Authorizing and reviewing connections helps maintain proper trust boundaries between internal components. |
| SC-16 | Transmission of Security and Privacy Attributes | SC | Explicitly binding attributes to information crossing trust boundaries prevents loss of security context that leads to trust-boundary violations. |
| SC-46 | Cross Domain Policy Enforcement | SC | By mediating every interface between security domains, the mechanism upholds trust boundaries and blocks violations that would allow untrusted data or commands to cross. |
| MP-5 | Media Transport | MP | Controlling media movement outside controlled areas maintains separation between internal and external trust boundaries. |
| PM-24 | Data Integrity Board | PM | Review of inter-system matching programs identifies and corrects trust-boundary violations before data crosses organizational or policy domains. |
| PT-3 | Personally Identifiable Information Processing Purposes | PT | Defines explicit trust boundaries for PII use via documented purposes and prevents processing outside those boundaries. |
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2025-61884 (KEV) | 6.4 | 7.5 | 0.4832 | 2025-10-12 |
| CVE-2025-48938 | 2.0 | 9.8 | 0.0040 | 2025-05-30 |
| CVE-2026-25725 | 2.0 | 10.0 | 0.0002 | 2026-02-06 |
| CVE-2024-49050 | 1.9 | 8.8 | 0.0299 | 2024-11-12 |
| CVE-2023-28597 | 1.7 | 8.3 | 0.0063 | 2023-03-27 |
| CVE-2024-23682 | 1.7 | 8.2 | 0.0028 | 2024-01-19 |
| CVE-2024-3661 | 1.7 | 7.6 | 0.0291 | 2024-05-06 |
| CVE-2020-4076 | 1.6 | 7.8 | 0.0008 | 2020-07-07 |
| CVE-2020-4077 | 1.6 | 7.7 | 0.0044 | 2020-07-07 |
| CVE-2025-49714 | 1.6 | 7.8 | 0.0079 | 2025-07-08 |
| CVE-2025-64496 | 1.5 | 7.3 | 0.0014 | 2025-11-08 |
| CVE-2025-14542 | 1.5 | 7.5 | 0.0008 | 2025-12-13 |
| CVE-2019-0035 | 1.4 | 6.8 | 0.0005 | 2019-04-10 |
| CVE-2020-15096 | 1.4 | 6.8 | 0.0024 | 2020-07-07 |
| CVE-2023-0629 | 1.4 | 7.1 | 0.0007 | 2023-03-13 |
| CVE-2023-49788 | 1.4 | 7.2 | 0.0008 | 2023-12-08 |
| CVE-2022-20826 | 1.3 | 6.4 | 0.0040 | 2022-11-15 |
| CVE-2023-0627 | 1.3 | 6.7 | 0.0003 | 2023-09-25 |
| CVE-2024-1725 | 1.3 | 6.5 | 0.0014 | 2024-03-07 |
| CVE-2024-20265 | 1.2 | 5.9 | 0.0002 | 2024-03-27 |
| CVE-2022-1799 | 1.1 | 5.7 | 0.0015 | 2022-07-29 |
| CVE-2026-24153 | 1.0 | 5.2 | 0.0001 | 2026-03-31 |
| CVE-2025-1118 | 0.9 | 4.4 | 0.0002 | 2025-02-19 |