CWE · MITRE source
CWE-706Use of Incorrectly-Resolved Name or Reference
The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2020-15505 KEV | 9.6 | 9.8 | 0.9439 | 2020-07-07 |
CVE-2021-40539 KEV | 9.6 | 9.8 | 0.9442 | 2021-09-07 |
CVE-2025-24813 KEV | 9.6 | 9.8 | 0.9414 | 2025-03-10 |
CVE-2024-27292 | 7.1 | 7.5 | 0.9383 | 2024-03-21 |
CVE-2021-40856 | 6.8 | 7.5 | 0.8810 | 2021-12-13 |
CVE-2021-24122 | 4.3 | 5.9 | 0.5259 | 2021-01-14 |
CVE-2023-34092 | 4.2 | 7.5 | 0.4479 | 2023-06-01 |
CVE-2019-1351 | 2.9 | 7.5 | 0.2264 | 2020-01-24 |
CVE-2019-8395 | 2.7 | 9.8 | 0.1219 | 2019-02-17 |
CVE-2019-0220 | 2.4 | 5.3 | 0.2269 | 2019-06-11 |
CVE-2020-26233 | 2.4 | 7.3 | 0.1558 | 2020-12-08 |
CVE-2020-12278 | 2.3 | 9.8 | 0.0601 | 2020-04-27 |
CVE-2020-12279 | 2.3 | 9.8 | 0.0516 | 2020-04-27 |
CVE-2021-31933 | 2.3 | 7.2 | 0.1447 | 2021-04-30 |
CVE-2019-7731 | 2.1 | 9.8 | 0.0281 | 2019-02-11 |
CVE-2014-125125 | 2.1 | 0.0 | 0.3525 | 2025-07-31 |
CVE-2019-8908 | 2.0 | 9.8 | 0.0084 | 2019-02-18 |
CVE-2020-10574 | 2.0 | 9.8 | 0.0042 | 2020-03-14 |
CVE-2020-23448 | 2.0 | 9.8 | 0.0040 | 2021-01-26 |
CVE-2022-30257 | 2.0 | 9.8 | 0.0043 | 2022-11-21 |
CVE-2022-30258 | 2.0 | 9.8 | 0.0043 | 2022-11-21 |
CVE-2023-31814 | 2.0 | 9.8 | 0.0015 | 2023-05-23 |
CVE-2024-35198 | 2.0 | 9.8 | 0.0018 | 2024-07-19 |
CVE-2024-57785 | 2.0 | 4.9 | 0.1624 | 2025-01-16 |
CVE-2025-65474 | 2.0 | 9.8 | 0.0013 | 2025-12-11 |