A09:2025 Security Logging and Alerting Failures
Security-relevant events aren't logged, alerts don't fire, or log integrity isn't protected — incidents go undetected.
Member CWEs (5)
- CWE-117 Improper Output Neutralization for Logs
- CWE-221 Information Loss or Omission
- CWE-223 Omission of Security-relevant Information
- CWE-532 Insertion of Sensitive Information into Log File
- CWE-778 Insufficient Logging
Tagged CVEs (showing 50 most recent of 1,232)
- CVE-2026-8200
- CVE-2026-7824
- CVE-2026-6494
- CVE-2026-4957
- CVE-2026-4901
- CVE-2026-4819
- CVE-2026-4788
- CVE-2026-44516
- CVE-2026-44479
- CVE-2026-44052
- CVE-2026-43992
- CVE-2026-43826
- CVE-2026-42282
- CVE-2026-41495
- CVE-2026-41219
- CVE-2026-41182
- CVE-2026-41018
- CVE-2026-41004
- CVE-2026-40945
- CVE-2026-40091
- CVE-2026-35185
- CVE-2026-3494
- CVE-2026-34487
- CVE-2026-34478
- CVE-2026-34164
- CVE-2026-32982
- CVE-2026-32803
- CVE-2026-32693
- CVE-2026-32598
- CVE-2026-32218
- CVE-2026-32217
- CVE-2026-32215
- CVE-2026-31987
- CVE-2026-31890
- CVE-2026-29184
- CVE-2026-28987
- CVE-2026-28943
- CVE-2026-28923
- CVE-2026-28868
- CVE-2026-28261
- CVE-2026-27900
- CVE-2026-27315
- CVE-2026-2605
- CVE-2026-25918
- CVE-2026-25846
- CVE-2026-25813
- CVE-2026-25598
- CVE-2026-25548
- CVE-2026-25211
- CVE-2026-24762
Data: OWASP Top 10:2025 (CC BY-SA 4.0) · CWE memberships from cwe-api.mitre.org (meta-category CWE-1444).